Lucene search

PRIOn knowledge basePRION:CVE-2007-3096

HistoryJun 06, 2007 - 10:30 p.m.

Directory traversal

2007-06-0622:30:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.133 Low

EPSS

Percentile

95.4%

JSON

Directory traversal vulnerability in login.php in PBLang (PBL) 4.67.16.a and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the lang parameter.

CPENameOperatorVersion
pblangeq<= 4.67.16.a

CPE	Name	Operator	Version
	pblang	eq	<= 4.67.16.a

References

osvdb.org/36985

secunia.com/advisories/25572

www.securityfocus.com/bid/24340

www.vupen.com/english/advisories/2007/2093

exchange.xforce.ibmcloud.com/vulnerabilities/34751

www.exploit-db.com/exploits/4036

7.6 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.133 Low

EPSS

Percentile

95.4%

JSON

Related for PRION:CVE-2007-3096