Lucene search

[email protected]NVD:CVE-2008-4499

HistoryOct 09, 2008 - 12:00 a.m.

CVE-2008-4499

2008-10-0900:00:01

CWE-22

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.018

Percentile

88.1%

JSON

Multiple directory traversal vulnerabilities in PHP Web Explorer 0.99b and earlier allow remote attackers to include and execute arbitrary local files via a … (dot dot) in the (1) refer parameter to main.php and the (2) file parameter to edit.php.

Affected configurations

Nvd

Node

php_web_explorerphp_web_explorer_liteRange≤0.99b

php_web_explorerphp_web_explorer_liteMatch0.99a

VendorProductVersionCPE
php_web_explorerphp_web_explorer_lite*cpe:2.3:a:php_web_explorer:php_web_explorer_lite:*:*:*:*:*:*:*:*
php_web_explorerphp_web_explorer_lite0.99acpe:2.3:a:php_web_explorer:php_web_explorer_lite:0.99a:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
php_web_explorer	php_web_explorer_lite	*	cpe:2.3:a:php_web_explorer:php_web_explorer_lite::::::::
php_web_explorer	php_web_explorer_lite	0.99a	cpe:2.3:a:php_web_explorer:php_web_explorer_lite:0.99a:::::::*

References

marc.info/?l=bugtraq&m=122332154511973&w=2

securityreason.com/securityalert/4371

www.securityfocus.com/bid/31595

exchange.xforce.ibmcloud.com/vulnerabilities/45691

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.018

Percentile

88.1%

JSON

Related for NVD:CVE-2008-4499

cvelist1 exploitdb2 prion1 cve1