Lucene search

[email protected]CVE-2009-0457

HistoryFeb 10, 2009 - 7:00 a.m.

CVE-2009-0457

2009-02-1007:00:23

CWE-22

[email protected]

web.nvd.nist.gov

aja portal

directory traversal

remote file inclusion

security vulnerability

cve-2009-0457

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.018 Low

EPSS

Percentile

88.2%

JSON

Multiple directory traversal vulnerabilities in AJA Portal 1.2 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the currentlang parameter to admin/case.php in the (1) Contact_Plus and (2) Reviews modules, and (3) the module_name parameter to admin/includes/FANCYNLOptions.php in the Fancy_NewsLetter module.

Affected configurations

NVD

Node

magtrbaja_portalMatch1.2

CPENameOperatorVersion
magtrb:aja_portalmagtrb aja portaleq1.2

CPE	Name	Operator	Version
magtrb:aja_portal	magtrb aja portal	eq	1.2

References

osvdb.org/51708

osvdb.org/51709

secunia.com/advisories/33735

www.securityfocus.com/bid/33565

www.exploit-db.com/exploits/7939

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.018 Low

EPSS

Percentile

88.2%

JSON

Related for CVE-2009-0457

prion1 cvelist1 nvd1