Lucene search

[email protected]CVE-2008-1642

HistoryApr 02, 2008 - 5:44 p.m.

CVE-2008-1642

2008-04-0217:44:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2008-1642

index.php

sava's guestbook 2.0

vulnerability

directory traversal

remote execution

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.2%

JSON

Directory traversal vulnerability in index.php in Sava’s GuestBook 2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the action parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD

Node

savas_placesavas_guestbookMatch2.0

CPENameOperatorVersion
savas_place:savas_guestbooksavas place savas guestbookeq2.0

CPE	Name	Operator	Version
savas_place:savas_guestbook	savas place savas guestbook	eq	2.0

References

secunia.com/advisories/29592

www.securityfocus.com/bid/28536

exchange.xforce.ibmcloud.com/vulnerabilities/41596

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.2%

JSON

Related for CVE-2008-1642

nvd1 cvelist1 prion1