Lucene search
HistoryJan 29, 2012 - 4:04 a.m.
CVE-2011-3829
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
5.6
Confidence
Low
EPSS
0.012
Percentile
85.2%
ftp_upload_file.php in Support Incident Tracker (aka SiT!) 3.65 allows remote authenticated users to obtain sensitive information via the file name, which reveals the installation path in an error message.
Affected configurations
Node
sitrackersupport_incident_trackerMatch3.65
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sitracker | support_incident_tracker | 3.65 | cpe:2.3:a:sitracker:support_incident_tracker:3.65:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2011-3829
2012-01-29 02:00:00
cve
cve
CVE-2011-3829
2012-01-29 04:04:44
prion
prion
Information disclosure
2012-01-29 04:04:00
dsquare
dsquare
Sitracker SIT File Upload
2012-01-26 00:00:00
packetstorm
packetstorm
Support Incident Tracker 3.65 Remote Command Execution
2011-11-13 00:00:00
zdt
zdt
Support Incident Tracker <= 3.65 Remote Command Execution
2011-11-12 00:00:00
seebug
seebug
Support Incident Tracker <= 3.65 Remote Command Execution
2014-07-01 00:00:00
exploitdb
exploitdb
Support Incident Tracker 3.65 - Remote Command Execution (Metasploit)
2011-11-13 00:00:00
metasploit
metasploit
Support Incident Tracker Remote Command Execution
2011-11-12 18:36:21
openvas
openvas
Support Incident Tracker (SiT!) Multiple Input Validation Vulnerabilities
2011-11-16 00:00:00
Support Incident Tracker (SiT!) <= 3.65 Multiple Vulnerabilities
2011-11-16 00:00:00
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
5.6
Confidence
Low
EPSS
0.012
Percentile
85.2%
Related for NVD:CVE-2011-3829