Lucene search
HistoryApr 09, 2007 - 8:19 p.m.
CVE-2007-1896
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
AI Score
6.6
Confidence
High
EPSS
0.007
Percentile
80.1%
Directory traversal vulnerability in chat.php in Sky GUNNING MySpeach 3.0.7 and earlier allows remote attackers to include arbitrary local files via a … (dot dot) and trailing %00 (NULL) in a my_ms[root] cookie.
Affected configurations
Node
sky_gunningmyspeachMatch2.1_beta
ORsky_gunningmyspeachMatch3.0.2
ORsky_gunningmyspeachMatch3.0.6
ORsky_gunningmyspeachMatch3.0.7
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sky_gunning | myspeach | 2.1_beta | cpe:2.3:a:sky_gunning:myspeach:2.1_beta:*:*:*:*:*:*:* |
| sky_gunning | myspeach | 3.0.2 | cpe:2.3:a:sky_gunning:myspeach:3.0.2:*:*:*:*:*:*:* |
| sky_gunning | myspeach | 3.0.6 | cpe:2.3:a:sky_gunning:myspeach:3.0.6:*:*:*:*:*:*:* |
| sky_gunning | myspeach | 3.0.7 | cpe:2.3:a:sky_gunning:myspeach:3.0.7:*:*:*:*:*:*:* |
Related
prion
prion
Directory traversal
2007-04-09 20:19:00
cve
cve
CVE-2007-1896
2007-04-09 20:19:00
cvelist
cvelist
CVE-2007-1896
2007-04-09 20:00:00
exploitdb
exploitdb
MySpeach 3.0.7 - Local/Remote File Inclusion
2007-04-03 00:00:00
securityvulns
securityvulns
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
AI Score
6.6
Confidence
High
EPSS
0.007
Percentile
80.1%
Related for NVD:CVE-2007-1896