Lucene search

[email protected]CVE-2009-1090

HistoryMar 25, 2009 - 6:30 p.m.

CVE-2009-1090

2009-03-2518:30:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2009-1090

directory traversal

rapidleech

security vulnerability

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

84.0%

JSON

Directory traversal vulnerability in upload.php in Rapidleech rev.36 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the uploaded parameter.

Affected configurations

NVD

Node

rapidleechrapidleechRange≤rev.36

CPENameOperatorVersion
rapidleech:rapidleechrapidleechlerev.36

CPE	Name	Operator	Version
rapidleech:rapidleech	rapidleech	le	rev.36

References

osvdb.org/52753

secunia.com/advisories/34300

security.bkis.vn/?p=345

www.securityfocus.com/archive/1/501854/100/0/threaded

www.securityfocus.com/bid/34119

exchange.xforce.ibmcloud.com/vulnerabilities/49256

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

84.0%

JSON

Related for CVE-2009-1090

cvelist1 nvd1 prion1