7.3 High
AI Score
Confidence
Low
6.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.229 Low
EPSS
Percentile
96.6%
Directory traversal vulnerability in public/index.php in BIGACE Web CMS 2.6 allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the cmd parameter.
CPE | Name | Operator | Version |
---|---|---|---|
bigace:bigace_cms | bigace bigace cms | eq | 2.6 |
forum.bigace.de/announcements/security-patch-for-bigace-2-6
osvdb.org/55510
secunia.com/advisories/35643
securitytracker.com/id?1022489
www.bigace.de/Security-patch-for-BIGACE-2.6-released.html
www.exploit-db.com/exploits/9052
www.securityfocus.com/bid/35537
exchange.xforce.ibmcloud.com/vulnerabilities/51444