Lucene search

[email protected]NVD:CVE-2009-4231

HistoryDec 08, 2009 - 7:30 p.m.

CVE-2009-4231

2009-12-0819:30:00

CWE-22

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

77.7%

JSON

Directory traversal vulnerability in as/lib/plugins.php in SweetRice 0.5.3 and earlier allows remote attackers to include and execute arbitrary local files via … (dot dot) in the plugin parameter.

Affected configurations

NVD

Node

basic-cmssweetriceRange≤0.5.3

basic-cmssweetriceMatch0.2.0

basic-cmssweetriceMatch0.2.1

basic-cmssweetriceMatch0.3.0

basic-cmssweetriceMatch0.4.0

basic-cmssweetriceMatch0.4.1

basic-cmssweetriceMatch0.4.2

basic-cmssweetriceMatch0.4.4

basic-cmssweetriceMatch0.5.2

References

packetstormsecurity.org/0911-exploits/sweetrice-rfilfi.txt

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

77.7%

JSON

Related for NVD:CVE-2009-4231

prion1 cve1 cvelist1