Lucene search

K
cve[email protected]CVE-2008-6522
HistoryMar 25, 2009 - 6:30 p.m.

CVE-2008-6522

2009-03-2518:30:00
CWE-22
web.nvd.nist.gov
20
cve-2008-6522
directory traversal
contentrender.class.php
terracotta
openterracotta
remote code execution

7.1 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.7%

Multiple directory traversal vulnerabilities in the RenderFile function in ContentRender.class.php in Terracotta (aka OpenTerracotta) 0.6.1, and possibly other versions, allow remote attackers to list arbitrary directories and read arbitrary files via a … (dot dot) in the (1) CurrentDirectory and (2) File parameters to index.php.

Affected configurations

NVD
Node
devraj_mukherjeeopenterracottaMatch0.6.1

7.1 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

77.7%

Related for CVE-2008-6522