Lucene search

[email protected]CVE-2008-5171

HistoryNov 19, 2008 - 6:11 p.m.

CVE-2008-5171

2008-11-1918:11:49

CWE-22

[email protected]

web.nvd.nist.gov

cve-2008-5171

phpblaster cms

directory traversal

vulnerability

security

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.8%

JSON

Multiple directory traversal vulnerabilities in admin/minibb/index.php in phpBLASTER CMS 1.0 RC1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) DB, (2) lang, and (3) skin parameters.

Affected configurations

NVD

Node

phpblasterphpblaster_cmsMatch1.0rc1

CPENameOperatorVersion
phpblaster:phpblaster_cmsphpblaster phpblaster cmseq1.0

CPE	Name	Operator	Version
phpblaster:phpblaster_cms	phpblaster phpblaster cms	eq	1.0

References

www.securityfocus.com/bid/29983

www.exploit-db.com/exploits/5952

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.8%

JSON

Related for CVE-2008-5171

prion1 cvelist1 nvd1