Lucene search
HistoryJan 08, 2015 - 8:59 p.m.
CVE-2014-9581
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.4 Medium
AI Score
Confidence
Low
0.014 Low
EPSS
Percentile
86.4%
Directory traversal vulnerability in components/filemanager/download.php in Codiad 2.4.3 allows remote attackers to read arbitrary files via a … (dot dot) in the path parameter. NOTE: this issue was originally incorrectly mapped to CVE-2014-1137; see CVE-2014-1137 for more information.
Affected configurations
Node
codiadcodiadMatch2.4.3
References
Related
cve
cve
prion
prion
Directory traversal
2015-01-08 20:59:00
Design/Logic Flaw
2015-01-10 00:59:00
Sql injection
2015-01-02 20:59:00
cvelist
cvelist
nvd
nvd
zdt
zdt
Codiad 2.4.3 Cross Site Scripting / Local File Inclusion Vulnerabilities
2014-12-20 00:00:00
GQ File Manager 0.2.5 Sql Injection / Cross Site Scripting Vulnerabilities
2014-12-20 00:00:00
exploitpack
exploitpack
GQ File Manager 0.2.5 - Multiple Vulnerabilities
2014-12-19 00:00:00
Codiad 2.4.3 - Multiple Vulnerabilities
2014-12-19 00:00:00
packetstorm
packetstorm
GQ File Manager 0.2.5 Cross Site Scripting / SQL Injection
2014-12-20 00:00:00
Codiad 2.4.3 Cross Site Scripting / Local File Inclusion
2014-12-20 00:00:00
exploitdb
exploitdb
GQ File Manager 0.2.5 - Multiple Vulnerabilities
2014-12-19 00:00:00
Codiad 2.4.3 - Multiple Vulnerabilities
2014-12-19 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.4 Medium
AI Score
Confidence
Low
0.014 Low
EPSS
Percentile
86.4%
Related for NVD:CVE-2014-9581