Lucene search

[email protected]CVE-2007-2324

HistoryApr 27, 2007 - 12:19 a.m.

CVE-2007-2324

2007-04-2700:19:00

[email protected]

web.nvd.nist.gov

directory traversal

file.php

julmacms 1.4

remote attackers

arbitrary files

vulnerability

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.02 Low

EPSS

Percentile

88.9%

JSON

Directory traversal vulnerability in file.php in JulmaCMS 1.4 allows remote attackers to read arbitrary files via a … (dot dot) in the file parameter.

Affected configurations

NVD

Node

julmajannejulmacmsMatch1.4

CPENameOperatorVersion
julmajanne:julmacmsjulmajanne julmacmseq1.4

CPE	Name	Operator	Version
julmajanne:julmacms	julmajanne julmacms	eq	1.4

References

osvdb.org/35387

secunia.com/advisories/25053

www.securityfocus.com/bid/23642

exchange.xforce.ibmcloud.com/vulnerabilities/33859

www.exploit-db.com/exploits/3799

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.02 Low

EPSS

Percentile

88.9%

JSON

Related for CVE-2007-2324

nvd1 prion1 cvelist1