Lucene search
MitreCVE-2008-4528HistoryOct 09, 2008 - 6:14 p.m.
CVE-2008-4528
2008-10-0918:14:15
CWE-22
mitre
web.nvd.nist.gov
27
cve
directory traversal
phlatline
ppim
security vulnerability
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.1
Confidence
High
EPSS
0.012
Percentile
85.0%
Directory traversal vulnerability in notes.php in Phlatline’s Personal Information Manager (pPIM) 1.01 allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the id parameter in an edit action.
Affected configurations
Node
phlatlinepersonal_information_managerMatch1.01
| Vendor | Product | Version | CPE |
|---|---|---|---|
| phlatline | personal_information_manager | 1.01 | cpe:2.3:a:phlatline:personal_information_manager:1.01:*:*:*:*:*:*:* |
Related
prion
prion
Directory traversal
2008-10-09 18:14:00
exploitdb
exploitdb
pPIM 1.01 - 'notes.php' Local File Inclusion
2008-10-04 00:00:00
pPIM 1.0 - Arbitrary File Delete / Cross-Site Scripting
2008-08-10 00:00:00
pPIM 1.0 - Upload/Change Password
2008-08-11 00:00:00
cvelist
cvelist
CVE-2008-4528
2008-10-09 18:00:00
nvd
nvd
CVE-2008-4528
2008-10-09 18:14:15
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.1
Confidence
High
EPSS
0.012
Percentile
85.0%
Related for CVE-2008-4528