Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
jvnJapan Vulnerability NotesJVN:65914253
HistorySep 18, 2009 - 12:00 a.m.

JVN#65914253 Directory traversal vulnerability in multiple phpspot products

2009-09-1800:00:00
Japan Vulnerability Notes
jvn.jp
19

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

68.1%

JSON

Multiple products (BBS Software etc.) provided by phpspot contain a directory traversal vulnerablility.

Impact

A remote attacker could view files on the server where the product is installed. This could lead to disclosure of contents.

Solution

Update the software
Update to latest version according to the information provided by developer.

Products Affected

  • PHP BBS
  • PHP Image Capture BBS
  • PHP&CSS BBS
  • PHP BBS CE
  • PHP_RSS_Builder
  • webshot

Note that versions of the above products containing a php file in the parent directory timestamped on or after September 14, 2009 are not affected by this vulnerability.

Related

nvd 1
cve 1
prion 1
cvelist 1
nvd
nvd
CVE-2009-3284
2009-09-22 10:30:00
cve
cve
CVE-2009-3284
2022-10-03 16:23:55
prion
prion
Directory traversal
2009-09-22 10:30:00
cvelist
cvelist
CVE-2009-3284
2022-10-03 16:23:55

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

68.1%

JSON
Related for JVN:65914253
nvd1cve1prion1cvelist1