Lucene search

[email protected]NVD:CVE-2012-3838

HistoryJul 03, 2012 - 10:55 p.m.

CVE-2012-3838

2012-07-0322:55:02

CWE-200

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.6

Confidence

Low

EPSS

0.003

Percentile

71.9%

JSON

Gekko before 1.2.0 allows remote attackers to obtain the installation path via a direct request to (1) admin/templates/babygekko/index.php or (2) templates/html5demo/index.php.

Affected configurations

Nvd

Node

babygekkobaby_gekkoRange≤1.1.5

babygekkobaby_gekkoMatch0.90

babygekkobaby_gekkoMatch0.91

babygekkobaby_gekkoMatch0.98alpha

babygekkobaby_gekkoMatch0.99beta

babygekkobaby_gekkoMatch1.0.0

babygekkobaby_gekkoMatch1.0.1

babygekkobaby_gekkoMatch1.1.0

babygekkobaby_gekkoMatch1.1.1

babygekkobaby_gekkoMatch1.1.2

babygekkobaby_gekkoMatch1.1.3

babygekkobaby_gekkoMatch1.1.4

VendorProductVersionCPE
babygekkobaby_gekko*cpe:2.3:a:babygekko:baby_gekko:*:*:*:*:*:*:*:*
babygekkobaby_gekko0.90cpe:2.3:a:babygekko:baby_gekko:0.90:*:*:*:*:*:*:*
babygekkobaby_gekko0.91cpe:2.3:a:babygekko:baby_gekko:0.91:*:*:*:*:*:*:*
babygekkobaby_gekko0.98cpe:2.3:a:babygekko:baby_gekko:0.98:alpha:*:*:*:*:*:*
babygekkobaby_gekko0.99cpe:2.3:a:babygekko:baby_gekko:0.99:beta:*:*:*:*:*:*
babygekkobaby_gekko1.0.0cpe:2.3:a:babygekko:baby_gekko:1.0.0:*:*:*:*:*:*:*
babygekkobaby_gekko1.0.1cpe:2.3:a:babygekko:baby_gekko:1.0.1:*:*:*:*:*:*:*
babygekkobaby_gekko1.1.0cpe:2.3:a:babygekko:baby_gekko:1.1.0:*:*:*:*:*:*:*
babygekkobaby_gekko1.1.1cpe:2.3:a:babygekko:baby_gekko:1.1.1:*:*:*:*:*:*:*
babygekkobaby_gekko1.1.2cpe:2.3:a:babygekko:baby_gekko:1.1.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
babygekko	baby_gekko	*	cpe:2.3:a:babygekko:baby_gekko::::::::
babygekko	baby_gekko	0.90	cpe:2.3:a:babygekko:baby_gekko:0.90:::::::*
babygekko	baby_gekko	0.91	cpe:2.3:a:babygekko:baby_gekko:0.91:::::::*
babygekko	baby_gekko	0.98	cpe:2.3:a:babygekko:baby_gekko:0.98:alpha::::::
babygekko	baby_gekko	0.99	cpe:2.3:a:babygekko:baby_gekko:0.99:beta::::::
babygekko	baby_gekko	1.0.0	cpe:2.3:a:babygekko:baby_gekko:1.0.0:::::::*
babygekko	baby_gekko	1.0.1	cpe:2.3:a:babygekko:baby_gekko:1.0.1:::::::*
babygekko	baby_gekko	1.1.0	cpe:2.3:a:babygekko:baby_gekko:1.1.0:::::::*
babygekko	baby_gekko	1.1.1	cpe:2.3:a:babygekko:baby_gekko:1.1.1:::::::*
babygekko	baby_gekko	1.1.2	cpe:2.3:a:babygekko:baby_gekko:1.1.2:::::::*

Rows per page:

1-10 of 121

References

www.babygekko.com/site/news/general/baby-gekko-v1-2-0-released-with-3rd-party-independent-security-testing-performed-by-zero-science-lab.html

www.exploit-db.com/exploits/18827

www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5086.php

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.6

Confidence

Low

EPSS

0.003

Percentile

71.9%

JSON

Related for NVD:CVE-2012-3838

cve1 prion1 cvelist1 exploitdb1