Lucene search

[email protected]CVE-2008-1653

HistoryApr 02, 2008 - 5:44 p.m.

CVE-2008-1653

2008-04-0217:44:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2008-1653

directory traversal

index.php

sava's link manager 2.0

remote code execution

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.8%

JSON

Directory traversal vulnerability in index.php in Sava’s Link Manager 2.0 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the q parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD

Node

savas_placesavas_link_managerMatch2.0

CPENameOperatorVersion
savas_place:savas_link_managersavas place savas link managereq2.0

CPE	Name	Operator	Version
savas_place:savas_link_manager	savas place savas link manager	eq	2.0

References

secunia.com/advisories/29589

www.securityfocus.com/bid/28537

exchange.xforce.ibmcloud.com/vulnerabilities/41595

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.8%

JSON

Related for CVE-2008-1653

prion1 cvelist1 nvd1