6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
6.6 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
71.4%
Directory traversal vulnerability in PG Problem Editor module (PGProblemEditor.pm) in WeBWorK Online Homework Delivery System 2.2.0 and earlier allows remote attackers to read and write files outside of the templates directory.
CPE | Name | Operator | Version |
---|---|---|---|
webwork:webwork | webwork | le | 2.2.0 |
devel.webwork.rochester.edu/twiki/bin/view/Webwork/WeBWorKRelease2pt2pt1
secunia.com/advisories/20405
sourceforge.net/mailarchive/forum.php?thread_id=10201693&forum_id=43257
sourceforge.net/project/shownotes.php?release_id=421453
www.vupen.com/english/advisories/2006/2086
exchange.xforce.ibmcloud.com/vulnerabilities/26975