Directory traversal

2007-11-1002:46:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

80.8%

JSON

Directory traversal vulnerability in OpenBase 10.0.5 and earlier allows remote authenticated users to create files with arbitrary contents via a … (dot dot) in the first argument to the GlobalLog stored procedure. NOTE: this can be leveraged to execute arbitrary code using CVE-2007-5926.

CPENameOperatorVersion
openbasele10.0.5

CPE	Name	Operator	Version
	openbase	le	10.0.5

References

secunia.com/advisories/27525

www.netragard.com/pdfs/research/NETRAGARD-20070313-OPENBASE.txt

www.securityfocus.com/bid/26347