Lucene search
HistoryFeb 06, 2009 - 11:30 a.m.
CVE-2008-6074
cve-2008-6074
directory traversal vulnerability
phpcrs
code execution
nvd
5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
7.3 High
AI Score
Confidence
Low
0.015 Low
EPSS
Percentile
87.1%
Directory traversal vulnerability in frame.php in phpcrs 2.06 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the importFunction parameter.
Affected configurations
Node
phpcrsphpcrsRange≤2.06
ORphpcrsphpcrsMatch1.01
ORphpcrsphpcrsMatch2.00
ORphpcrsphpcrsMatch2.01
ORphpcrsphpcrsMatch2.02
ORphpcrsphpcrsMatch2.03
ORphpcrsphpcrsMatch2.04
ORphpcrsphpcrsMatch2.05
Related
cvelist
cvelist
CVE-2008-6074
2009-02-06 11:00:00
prion
prion
Directory traversal
2009-02-06 11:30:00
nvd
nvd
CVE-2008-6074
2009-02-06 11:30:00
5.1 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
7.3 High
AI Score
Confidence
Low
0.015 Low
EPSS
Percentile
87.1%
Related for CVE-2008-6074