Lucene search

K
cve[email protected]CVE-2013-3295
HistoryDec 30, 2014 - 2:59 a.m.

CVE-2013-3295

2014-12-3002:59:01
CWE-22
web.nvd.nist.gov
26
cve-2013-3295
directory traversal
exponent cms
security vulnerability
nvd

7.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

83.0%

Directory traversal vulnerability in install/popup.php in Exponent CMS before 2.2.0 RC1 allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the page parameter.

Affected configurations

NVD
Node
exponentcmsexponent_cmsRange2.2.0

7.1 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

83.0%