Lucene search

[email protected]CVE-2008-0822

HistoryFeb 19, 2008 - 8:44 p.m.

CVE-2008-0822

2008-02-1920:44:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2008-0822

directory traversal

index.php

scribe 0.2

remote attackers

arbitrary local files

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

6.5 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

81.0%

JSON

Directory traversal vulnerability in index.php in Scribe 0.2 allows remote attackers to read arbitrary local files via a … (dot dot) in the page parameter.

Affected configurations

NVD

Node

scribescribeMatch0.2

CPENameOperatorVersion
scribe:scribescribeeq0.2

CPE	Name	Operator	Version
scribe:scribe	scribe	eq	0.2

References

securityreason.com/securityalert/3668

www.securityfocus.com/archive/1/488140/100/0/threaded

www.securityfocus.com/bid/27803

www.exploit-db.com/exploits/5123

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

6.5 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

81.0%

JSON

Related for CVE-2008-0822

nvd1 prion1 cvelist1