Lucene search
Japan Vulnerability NotesJVN:61935381HistoryJul 10, 2015 - 12:00 a.m.
JVN#61935381: Simple Oekaki BBS vulnerability where arbitary files may be deleted
2015-07-1000:00:00
Japan Vulnerability Notes
jvn.jp
20
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
0.004 Low
EPSS
Percentile
72.2%
Simple Oekaki BBS provided by LEMON-S PHP contains a flaw in parsing the oekakis parameter in index.php, which may allow a remote attacker to delete arbitrary files.
Impact
A remote attacker may delete arbitrary files on the server.
Solution
Update the Software
Update to the latest version according to the information provided by the developer.
Products Affected
- Simple Oekaki BBS versions prior to v1.21
Related
cvelist
cvelist
CVE-2015-2970
2015-07-10 15:00:00
cve
cve
CVE-2015-2970
2015-07-10 15:59:02
prion
prion
Code injection
2015-07-10 15:59:00
nvd
nvd
CVE-2015-2970
2015-07-10 15:59:02
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
0.004 Low
EPSS
Percentile
72.2%
Related for JVN:61935381