Lucene search

[email protected]CVE-2008-5881

HistoryJan 09, 2009 - 6:30 p.m.

CVE-2008-5881

2009-01-0918:30:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2008-5881

playsms

directory traversal

remote attackers

arbitrary local files

nvd

8.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

75.0%

JSON

Multiple directory traversal vulnerabilities in playSMS 0.9.3 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) gateway_module parameter to plugin/gateway/gnokii/init.php and the (2) themes_module parameter to plugin/themes/default/init.php.

CPENameOperatorVersion
playsms:playsmsplaysmseq0.9.3

CPE	Name	Operator	Version
playsms:playsms	playsms	eq	0.9.3

References

secunia.com/advisories/33386

securityreason.com/securityalert/4888

www.securityfocus.com/bid/33138

www.exploit-db.com/exploits/7687

8.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.004 Low

EPSS

Percentile

75.0%

JSON

Related for CVE-2008-5881

prion1 cvelist1