CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
86.2%
Multiple directory traversal vulnerabilities in TuMusika Evolution 1.7R5 allow remote attackers to include and execute arbitrary local files via a … (dot dot) in the language parameter to (1) languages_n.php, (2) languages_f.php, or (3) languages.php in inc/; and (4) allow remote attackers to read arbitrary local files via a … (dot dot) in the uri parameter to frames/nogui/sc_download.php.
Vendor | Product | Version | CPE |
---|---|---|---|
tumusika_evolution | tumusika_evolution | 1.7r5 | cpe:2.3:a:tumusika_evolution:tumusika_evolution:1.7r5:*:*:*:*:*:*:* |