Lucene search
HistoryJun 09, 2015 - 2:59 p.m.
CVE-2015-3648
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.013
Percentile
86.1%
Directory traversal vulnerability in pages/setup.php in Montala Limited ResourceSpace before 7.2.6727 allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the defaultlanguage parameter.
Affected configurations
Node
montalaresourcespaceRange≤7.1.6513
| Vendor | Product | Version | CPE |
|---|---|---|---|
| montala | resourcespace | * | cpe:2.3:a:montala:resourcespace:*:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2015-3648
2015-06-09 14:59:04
zdt
zdt
ResourceSpace 7.1.6513 Local File Inclusion Vulnerability
2015-06-04 00:00:00
nuclei
nuclei
ResourceSpace - Local File inclusion
2021-07-28 06:00:02
securityvulns
securityvulns
Local PHP File Inclusion in ResourceSpace
2015-06-08 00:00:00
packetstorm
packetstorm
ResourceSpace 7.1.6513 Local File Inclusion
2015-06-03 00:00:00
htbridge
htbridge
Local PHP File Inclusion in ResourceSpace
2015-05-06 00:00:00
prion
prion
Directory traversal
2015-06-09 14:59:00
cvelist
cvelist
CVE-2015-3648
2015-06-09 14:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.013
Percentile
86.1%
Related for NVD:CVE-2015-3648