Lucene search

[email protected]CVE-2010-2676

HistoryJul 08, 2010 - 10:30 p.m.

CVE-2010-2676

2010-07-0822:30:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2010-2676

directory traversal

open web analytics

owa

vulnerability

remote attackers

arbitrary file read

nvd

7.7 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

77.3%

JSON

Multiple directory traversal vulnerabilities in index.php in Open Web Analytics (OWA) 1.2.3 might allow remote attackers to read arbitrary files via directory traversal sequences in the (1) owa_action and (2) owa_do parameters.

CPENameOperatorVersion
openwebanalytics:open_web_analyticsopenwebanalytics open web analyticseq1.2.3

CPE	Name	Operator	Version
openwebanalytics:open_web_analytics	openwebanalytics open web analytics	eq	1.2.3

References

packetstormsecurity.org/1003-exploits/owa123-lfirfi.txt

www.exploit-db.com/exploits/11903

www.ITSecTeam.com/en/vulnerabilities/vulnerability26.htm

www.openwebanalytics.com/?p=87

exchange.xforce.ibmcloud.com/vulnerabilities/57240

7.7 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

77.3%

JSON

Related for CVE-2010-2676

prion1 cvelist1