Lucene search
HistoryMay 18, 2009 - 6:30 p.m.
CVE-2009-1678
cve
2009
1678
directory traversal
vulnerability
bitweaver
rss
php
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7 High
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
81.6%
Directory traversal vulnerability in the saveFeed function in rss/feedcreator.class.php in Bitweaver 2.6 and earlier allows remote attackers to create or overwrite arbitrary files via a … (dot dot) in the version parameter to boards/boards_rss.php.
Affected configurations
Node
bitweaverbitweaverRange≤2.6
ORbitweaverbitweaverMatch1.1
ORbitweaverbitweaverMatch1.1.1_beta
ORbitweaverbitweaverMatch1.2.1
ORbitweaverbitweaverMatch1.3
ORbitweaverbitweaverMatch1.3.1
ORbitweaverbitweaverMatch2.0.0
ORbitweaverbitweaverMatch2.0.2
ORbitweaverbitweaverMatch2.5
Related
nvd
nvd
CVE-2009-1678
2009-05-18 18:30:01
prion
prion
Directory traversal
2009-05-18 18:30:00
cvelist
cvelist
CVE-2009-1678
2009-05-18 18:00:00
openvas
openvas
Bitweaver Directory Traversal And Code Injection Vulnerabilities
2009-05-26 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7 High
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
81.6%
Related for CVE-2009-1678