Lucene search
MitreCVE-2008-5570HistoryDec 15, 2008 - 6:00 p.m.
CVE-2008-5570
2008-12-1518:00:00
CWE-22
mitre
web.nvd.nist.gov
28
cve
php
vulnerability
directory traversal
nvd
remote execution
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
High
EPSS
0.015
Percentile
87.0%
Directory traversal vulnerability in index.php in PHP Multiple Newsletters 2.7, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the lang parameter.
Affected configurations
Node
php_multiple_newslettersphp_multiple_newslettersMatch2.7
| Vendor | Product | Version | CPE |
|---|---|---|---|
| php_multiple_newsletters | php_multiple_newsletters | 2.7 | cpe:2.3:a:php_multiple_newsletters:php_multiple_newsletters:2.7:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2008-5570
2008-12-15 18:00:00
prion
prion
Directory traversal
2008-12-15 18:00:00
cvelist
cvelist
CVE-2008-5570
2008-12-15 17:45:00
exploitdb
exploitdb
PHP Multiple Newsletters 2.7 - Local File Inclusion / Cross-Site Scripting
2008-12-09 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
High
EPSS
0.015
Percentile
87.0%
Related for CVE-2008-5570