Lucene search

[email protected]CVE-2008-6361

HistoryMar 02, 2009 - 4:30 p.m.

CVE-2008-6361

2009-03-0216:30:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2008-6361

directory traversal

insun feed cms

security vulnerability

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.9%

JSON

Directory traversal vulnerability in index.php in InSun Feed CMS 1.7.3 19Beta allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the lang parameter.

Affected configurations

NVD

Node

insun_podcastfeedcmsMatch1.7.3_19beta

CPENameOperatorVersion
insun_podcast:feedcmsinsun podcast feedcmseq1.7.3_19beta

CPE	Name	Operator	Version
insun_podcast:feedcms	insun podcast feedcms	eq	1.7.3_19beta

References

www.securityfocus.com/bid/32783

www.securityfocus.com/bid/32783/exploit

exchange.xforce.ibmcloud.com/vulnerabilities/47276

www.exploit-db.com/exploits/7422

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.9%

JSON

Related for CVE-2008-6361

nvd1 prion1 cvelist1