Lucene search

[email protected]CVE-2008-6083

HistoryFeb 06, 2009 - 11:30 a.m.

CVE-2008-6083

2009-02-0611:30:00

CWE-22

[email protected]

web.nvd.nist.gov

cve

2008

6083

directory traversal

vulnerability

txtshop beta 1.0

remote attackers

arbitrary

local files

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.02 Low

EPSS

Percentile

88.9%

JSON

Directory traversal vulnerability in header.php in TXTshop beta 1.0 allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the language parameter.

Affected configurations

NVD

Node

txtshoptxtshopMatch1.0beta

CPENameOperatorVersion
txtshop:txtshoptxtshopeq1.0

CPE	Name	Operator	Version
txtshop:txtshop	txtshop	eq	1.0

References

www.securityfocus.com/archive/1/497752/100/0/threaded

www.securityfocus.com/bid/31885

exchange.xforce.ibmcloud.com/vulnerabilities/46063

www.exploit-db.com/exploits/6816

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.02 Low

EPSS

Percentile

88.9%

JSON

Related for CVE-2008-6083

nvd1 prion1 cvelist1