Lucene search

[email protected]CVE-2008-3737

HistoryAug 27, 2008 - 8:41 p.m.

CVE-2008-3737

2008-08-2720:41:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2008-3737

vulnerability

system consultants

la!cooda wiz

spacetag lacoodast

remote execution

php

file deletion

file read

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.3%

JSON

Unspecified vulnerability in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to execute arbitrary PHP scripts, and delete files, read files, and possibly have unknown other impact.

Affected configurations

NVD

Node

spacetaglacoodastRange≤2.1.3

system_consultantsla_cooda_wizRange≤1.4.0

CPENameOperatorVersion
spacetag:lacoodastspacetag lacoodastle2.1.3
system_consultants:la_cooda_wizsystem consultants la cooda wizle1.4.0

CPE	Name	Operator	Version
spacetag:lacoodast	spacetag lacoodast	le	2.1.3
system_consultants:la_cooda_wiz	system consultants la cooda wiz	le	1.4.0

References

jvn.jp/en/jp/JVN53886050/index.html

secunia.com/advisories/31574

secunia.com/advisories/31582

wiz.syscon.co.jp/Details.htm

www.securityfocus.com/bid/30791

exchange.xforce.ibmcloud.com/vulnerabilities/44594

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.3%

JSON

Related for CVE-2008-3737

jvn1 cvelist1 prion1 nvd1