Lucene search

[email protected]CVE-2008-1730

HistoryApr 11, 2008 - 7:05 p.m.

CVE-2008-1730

2008-04-1119:05:00

CWE-22

[email protected]

web.nvd.nist.gov

arwscripts

gallery script lite

directory traversal

vulnerability

remote attackers

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.6 Medium

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.6%

JSON

Directory traversal vulnerability in download.html in ARWScripts Gallery Script Lite (aka gallery-script-lite or Free Photo Gallery Site Script), as of 20080411, allows remote attackers to read arbitrary local files via directory traversal sequences in the path parameter.

Affected configurations

NVD

Node

arwscriptsgallery_script_lite

CPENameOperatorVersion
arwscripts:gallery_script_litearwscripts gallery script liteeq*

CPE	Name	Operator	Version
arwscripts:gallery_script_lite	arwscripts gallery script lite	eq	*

References

secunia.com/advisories/29746

www.osvdb.org/44253

www.securityfocus.com/bid/28718

exchange.xforce.ibmcloud.com/vulnerabilities/41742

www.exploit-db.com/exploits/5419

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.6 Medium

AI Score

Confidence

High

0.016 Low

EPSS

Percentile

87.6%

JSON

Related for CVE-2008-1730

nvd1 prion1 cvelist1