Lucene search
Ubuntu.comUB:CVE-2007-2836HistoryJul 02, 2007 - 12:00 a.m.
CVE-2007-2836
2007-07-0200:00:00
ubuntu.com
ubuntu.com
6
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
0.032 Low
EPSS
Percentile
91.2%
Directory traversal vulnerability in session.rb in Hiki 0.8.0 through 0.8.6
allows remote attackers to delete arbitrary files via directory traversal
sequences in the session ID, which is matched against an insufficiently
restrictive regular expression before it is used to construct a filename
that is marked for deletion at logout.
Related
nessus
nessus
Debian DSA-1324-1 : hiki - missing input sanitising
2007-07-01 00:00:00
prion
prion
Directory traversal
2007-07-02 19:30:00
Design/Logic Flaw
2007-06-26 17:30:00
openvas
openvas
Debian: Security Advisory (DSA-1324-1)
2023-03-08 00:00:00
cvelist
cvelist
CVE-2007-2836
2007-07-02 19:00:00
nvd
nvd
CVE-2007-2836
2007-07-02 19:30:00
CVE-2007-3395
2007-06-26 17:30:00
debian
debian
[SECURITY] [DSA 1324-1] New hiki packages fix missing input sanitising
2007-06-28 21:04:32
osv
osv
hiki
2007-06-28 00:00:00
cve
cve
CVE-2007-2836
2007-07-02 19:30:00
CVE-2007-3395
2007-06-26 17:30:00
debiancve
debiancve
CVE-2007-2836
2007-07-02 19:30:00
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
0.032 Low
EPSS
Percentile
91.2%
Related for UB:CVE-2007-2836