Lucene search

[email protected]CVE-2009-4383

HistoryOct 03, 2022 - 4:24 p.m.

CVE-2009-4383

2022-10-0316:24:04

CWE-22

[email protected]

web.nvd.nist.gov

cve-2009-4383

directory traversal

rocomotion p forum

remote attackers

information security

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

66.0%

JSON

Directory traversal vulnerability in Pforum.php in Rocomotion P forum before 1.28 allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors.

Affected configurations

NVD

Node

rocomotionp_forumRange≤1.27

rocomotionp_forumMatch1.00

CPENameOperatorVersion
rocomotion:p_forumrocomotion p forumle1.27
rocomotion:p_forumrocomotion p forumeq1.00

CPE	Name	Operator	Version
rocomotion:p_forum	rocomotion p forum	le	1.27
rocomotion:p_forum	rocomotion p forum	eq	1.00

References

another.rocomotion.jp/12568911093444.html

another.rocomotion.jp/12604561773482.html

jvn.jp/en/jp/JVN00152874/index.html

jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000084.html

secunia.com/advisories/37691

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

66.0%

JSON

Related for CVE-2009-4383

cvelist1 prion1 jvn1 nvd1