Lucene search
MitreCVE-2010-4798HistoryApr 27, 2011 - 12:55 a.m.
CVE-2010-4798
2011-04-2700:55:03
CWE-22
mitre
web.nvd.nist.gov
22
cve
2010
4798
directory traversal
vulnerability
orangehrm
nvd
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.007
Percentile
79.8%
Directory traversal vulnerability in index.php in OrangeHRM 2.6.0.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the uri parameter.
Affected configurations
Node
orangehrmorangehrmMatch2.6.0.1
Related
cvelist
cvelist
CVE-2010-4798
2011-04-27 00:00:00
nvd
nvd
CVE-2010-4798
2011-04-27 00:55:03
prion
prion
Directory traversal
2011-04-27 00:55:00
openvas
openvas
OrangeHRM 'uri' Parameter Local File Include Vulnerability
2010-10-12 00:00:00
OrangeHRM <= 2.6.1 'uri' Parameter LFI Vulnerability
2010-10-12 00:00:00
exploitdb
exploitdb
OrangeHRM 2.6.0.1 - Local File Inclusion
2010-10-11 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.007
Percentile
79.8%
Related for CVE-2010-4798