Lucene search

[email protected]CVE-2008-5787

HistoryDec 31, 2008 - 11:30 a.m.

CVE-2008-5787

2008-12-3111:30:00

CWE-22

[email protected]

web.nvd.nist.gov

cve

2008-5787

directory traversal

mod.php

arab portal 2.1

windows

remote attackers

arbitrary files

nvd

5.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:C/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.015 Low

EPSS

Percentile

87.0%

JSON

Directory traversal vulnerability in mod.php in Arab Portal 2.1 on Windows allows remote attackers to read arbitrary files via a … (dot dot) in the file parameter, in conjunction with a show action.

Affected configurations

NVD

Node

arabportalarab_portalMatch2.1

AND

microsoftwindows

CPENameOperatorVersion
arabportal:arab_portalarabportal arab portaleq2.1

CPE	Name	Operator	Version
arabportal:arab_portal	arabportal arab portal	eq	2.1

References

secunia.com/advisories/32590

securityreason.com/securityalert/4851

www.securityfocus.com/archive/1/498092/100/0/threaded

www.securityfocus.com/bid/32146

exchange.xforce.ibmcloud.com/vulnerabilities/46404

www.exploit-db.com/exploits/7019

5.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:H/Au:N/C:C/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.015 Low

EPSS

Percentile

87.0%

JSON

Related for CVE-2008-5787

nvd1 prion1 cvelist1