Lucene search

PRIOn knowledge basePRION:CVE-2006-0567

HistoryFeb 07, 2006 - 6:06 p.m.

Directory traversal

2006-02-0718:06:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

71.2%

JSON

Directory traversal vulnerability in Files Xaraya module before 0.5.1, when the Archive Directory field on the Modify Config page is blank, allows remote attackers to access files outside of the web root via “…” (dot dot) sequences.

CPENameOperatorVersion
files_xaraya_moduleeq0.4.0
files_xaraya_moduleeq0.3.0

CPE	Name	Operator	Version
	files_xaraya_module	eq	0.4.0
	files_xaraya_module	eq	0.3.0

References

www.vupen.com/english/advisories/2006/0371

xaraya.curtisfarnham.com/articles/Files_0.5.1_-_Security_Fix_and_other_things

exchange.xforce.ibmcloud.com/vulnerabilities/24393

7.2 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

71.2%

JSON

Related for PRION:CVE-2006-0567

cve1