Lucene search

[email protected]CVE-2008-1861

HistoryApr 17, 2008 - 7:05 p.m.

CVE-2008-1861

2008-04-1719:05:00

CWE-22

[email protected]

web.nvd.nist.gov

cve

exbb italia

directory traversal

vulnerability

security

nvd

7.1 High

AI Score

Confidence

High

5.1 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

72.4%

JSON

Directory traversal vulnerability in modules/threadstop/threadstop.php in ExBB Italia 0.22 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the exbb[default_lang] parameter.

Affected configurations

NVD

Node

exbbexbb_italiaRange≤0.2.2

CPENameOperatorVersion
exbb:exbb_italiaexbb exbb italiale0.2.2

CPE	Name	Operator	Version
exbb:exbb_italia	exbb exbb italia	le	0.2.2

References

secunia.com/advisories/29739

www.securityfocus.com/bid/28686

exchange.xforce.ibmcloud.com/vulnerabilities/41707

www.exploit-db.com/exploits/5405

7.1 High

AI Score

Confidence

High

5.1 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

72.4%

JSON

Related for CVE-2008-1861

prion1 nvd1 cvelist1