Lucene search

MitreCVE-2008-1799

HistoryApr 15, 2008 - 5:05 p.m.

CVE-2008-1799

2008-04-1517:05:00

CWE-22

mitre

web.nvd.nist.gov

cve

2008

directory traversal

vulnerability

thumbnails.php

sabros.us

remote attack

arbitrary files

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.007

Percentile

81.0%

JSON

Directory traversal vulnerability in thumbnails.php in sabros.us 1.75 allows remote attackers to read arbitrary files via a … (dot dot) in the img parameter.

Affected configurations

Nvd

Node

sabros.ussabros.usMatch1.75

VendorProductVersionCPE
sabros.ussabros.us1.75cpe:2.3:a:sabros.us:sabros.us:1.75:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
sabros.us	sabros.us	1.75	cpe:2.3:a:sabros.us:sabros.us:1.75:::::::*

References

www.securityfocus.com/bid/28623

exchange.xforce.ibmcloud.com/vulnerabilities/41672

www.exploit-db.com/exploits/5360

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.7

Confidence

Low

EPSS

0.007

Percentile

81.0%

JSON

Related for CVE-2008-1799