Lucene search
HistoryApr 27, 2011 - 12:55 a.m.
CVE-2010-4798
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
High
EPSS
0.007
Percentile
79.8%
Directory traversal vulnerability in index.php in OrangeHRM 2.6.0.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the uri parameter.
Affected configurations
Node
orangehrmorangehrmMatch2.6.0.1
Related
cvelist
cvelist
CVE-2010-4798
2011-04-27 00:00:00
prion
prion
Directory traversal
2011-04-27 00:55:00
cve
cve
CVE-2010-4798
2011-04-27 00:55:03
openvas
openvas
OrangeHRM 'uri' Parameter Local File Include Vulnerability
2010-10-12 00:00:00
OrangeHRM <= 2.6.1 'uri' Parameter LFI Vulnerability
2010-10-12 00:00:00
exploitdb
exploitdb
OrangeHRM 2.6.0.1 - Local File Inclusion
2010-10-11 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
High
EPSS
0.007
Percentile
79.8%
Related for NVD:CVE-2010-4798