Lucene search

[email protected]NVD:CVE-2011-4832

HistoryDec 15, 2011 - 3:57 a.m.

CVE-2011-4832

2011-12-1503:57:34

CWE-22

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.5%

JSON

Directory traversal vulnerability in CaupoShop Pro 2.x, CaupoShop Classic 3.01, and CaupoShop Pro 3.70 and earlier allows remote attackers to read arbitrary files via a … (dot dot) in the template parameter in a template action.

Affected configurations

NVD

Node

caupocauposhop_classicMatch3.01

caupocauposhop_proRange≤3.70

caupocauposhop_proMatch2.0

caupocauposhop_proMatch2.1

References

secunia.com/advisories/46704

www.exploit-db.com/exploits/18066

www.osvdb.org/76871

www.securityfocus.com/bid/50530

exchange.xforce.ibmcloud.com/vulnerabilities/71136

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.6 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

85.5%

JSON

Related for NVD:CVE-2011-4832

openvas2 cvelist1 prion1 cve1