Lucene search
HistoryJun 21, 2007 - 6:30 p.m.
CVE-2007-3312
CVSS2
9
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
AI Score
6.9
Confidence
High
EPSS
0.004
Percentile
74.9%
Directory traversal vulnerability in admin/plugin_manager.php in Jasmine CMS 1.0 allows remote authenticated administrators to include and execute arbitrary local files a … (dot dot) in the u parameter. NOTE: a separate vulnerability could be leveraged to make this issue exploitable by remote unauthenticated attackers.
Affected configurations
Node
efstratios_geroulisjasmine_cmsMatch1.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| efstratios_geroulis | jasmine_cms | 1.0 | cpe:2.3:a:efstratios_geroulis:jasmine_cms:1.0:*:*:*:*:*:*:* |
Related
prion
prion
Directory traversal
2007-06-21 18:30:00
cve
cve
CVE-2007-3312
2007-06-21 18:30:00
cvelist
cvelist
CVE-2007-3312
2007-06-21 18:00:00
exploitdb
exploitdb
Jasmine CMS 1.0 - SQL Injection / Remote Code Execution
2007-06-19 00:00:00
CVSS2
9
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
AI Score
6.9
Confidence
High
EPSS
0.004
Percentile
74.9%
Related for NVD:CVE-2007-3312