Lucene search
HistoryMay 18, 2009 - 6:30 p.m.
CVE-2009-1678
cve
2009
1678
directory traversal
vulnerability
bitweaver
rss
php
nvd
7 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.008 Low
EPSS
Percentile
81.5%
Directory traversal vulnerability in the saveFeed function in rss/feedcreator.class.php in Bitweaver 2.6 and earlier allows remote attackers to create or overwrite arbitrary files via a … (dot dot) in the version parameter to boards/boards_rss.php.
Affected configurations
Node
bitweaverbitweaverRange≤2.6
ORbitweaverbitweaverMatch1.1
ORbitweaverbitweaverMatch1.1.1_beta
ORbitweaverbitweaverMatch1.2.1
ORbitweaverbitweaverMatch1.3
ORbitweaverbitweaverMatch1.3.1
ORbitweaverbitweaverMatch2.0.0
ORbitweaverbitweaverMatch2.0.2
ORbitweaverbitweaverMatch2.5
Related
prion
prion
Directory traversal
2009-05-18 18:30:00
cvelist
cvelist
CVE-2009-1678
2009-05-18 18:00:00
nvd
nvd
CVE-2009-1678
2009-05-18 18:30:01
openvas
openvas
Bitweaver Directory Traversal And Code Injection Vulnerabilities
2009-05-26 00:00:00
7 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.008 Low
EPSS
Percentile
81.5%
Related for CVE-2009-1678