Lucene search

[email protected]CVE-2008-3710

HistoryAug 19, 2008 - 7:41 p.m.

CVE-2008-3710

2008-08-1919:41:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2008-3710

directory traversal

vulnerability

cyboards php lite

remote code execution

nvd

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.5%

JSON

Multiple directory traversal vulnerabilities in CyBoards PHP Lite 1.21 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) script_path parameter to (a) options.php and the (2) lang_code parameter to (b) copy_vip.php and © process_edit_board.php in adminopts/. NOTE: some of these vectors might not be vulnerabilities under proper installation.

Affected configurations

NVD

Node

hotscriptscyboards_php_liteMatch1.21

CPENameOperatorVersion
hotscripts:cyboards_php_litehotscripts cyboards php liteeq1.21

CPE	Name	Operator	Version
hotscripts:cyboards_php_lite	hotscripts cyboards php lite	eq	1.21

References

packetstormsecurity.org/0808-exploits/cyboards-rfilfixss.txt

www.attrition.org/pipermail/vim/2008-August/002052.html

www.securityfocus.com/bid/30688

exchange.xforce.ibmcloud.com/vulnerabilities/44475

5.1 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

7.3 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.5%

JSON

Related for CVE-2008-3710

prion1 cvelist1 nvd1