Lucene search

[email protected]CVE-2008-3163

HistoryJul 14, 2008 - 11:41 p.m.

CVE-2008-3163

2008-07-1423:41:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2008-3163

directory traversal

dodosmail 2.5

remote attackers

arbitrary local files

security vulnerability

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.6%

JSON

Directory traversal vulnerability in dodosmail.php in DodosMail 2.5 allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the dodosmail_header_file parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD

Node

regretlessdodos_mailMatch2.5

CPENameOperatorVersion
regretless:dodos_mailregretless dodos maileq2.5

CPE	Name	Operator	Version
regretless:dodos_mail	regretless dodos mail	eq	2.5

References

www.securityfocus.com/bid/30112

exchange.xforce.ibmcloud.com/vulnerabilities/43625

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.6%

JSON

Related for CVE-2008-3163

cvelist1 nvd1 prion1