Lucene search

[email protected]CVE-2010-1267

HistoryApr 06, 2010 - 3:30 p.m.

CVE-2010-1267

2010-04-0615:30:00

CWE-22

[email protected]

web.nvd.nist.gov

cve

webmaid cms

directory traversal

vulnerability

remote attackers

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.1 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.3%

JSON

Multiple directory traversal vulnerabilities in WebMaid CMS 0.2-6 Beta and earlier allow remote attackers to read arbitrary files via directory traversal sequences in the com parameter to (1) cContactus.php, (2) cGuestbook.php, and (3) cArticle.php.

Affected configurations

NVD

Node

kjetiltroanwebmaid_cmsRange≤0.2-6beta

CPENameOperatorVersion
kjetiltroan:webmaid_cmskjetiltroan webmaid cmsle0.2-6

CPE	Name	Operator	Version
kjetiltroan:webmaid_cms	kjetiltroan webmaid cms	le	0.2-6

References

inj3ct0r.com/exploits/11394

packetstormsecurity.org/1003-exploits/webmaid-rfilfi.txt

www.exploit-db.com/exploits/11831

www.securityfocus.com/bid/38993

www.vupen.com/english/advisories/2010/0674

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.1 High

AI Score

Confidence

Low

0.006 Low

EPSS

Percentile

78.3%

JSON

Related for CVE-2010-1267

cvelist1 nvd1 prion1