Lucene search
HistoryJan 06, 2009 - 5:30 p.m.
CVE-2008-5856
directory traversal
vulnerability
class
scripts
export.php
ftype parameter
remote attackers
arbitrary files
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.9 Medium
AI Score
Confidence
Low
0.019 Low
EPSS
Percentile
88.5%
Directory traversal vulnerability in scripts/export.php in ClaSS before 0.8.61 allows remote attackers to read arbitrary files via directory traversal sequences in the ftype parameter.
Affected configurations
Node
classclassRange≤0.8.60
ORclassclassMatch0.4beta
ORclassclassMatch0.4.0
ORclassclassMatch0.4.1
ORclassclassMatch0.4.2
ORclassclassMatch0.5.0
ORclassclassMatch0.5.1
ORclassclassMatch0.5.2
ORclassclassMatch0.6.0
ORclassclassMatch0.6.1
ORclassclassMatch0.8rc2
ORclassclassMatch0.8.0
ORclassclassMatch0.8.0rc1
ORclassclassMatch0.8.5
ORclassclassMatch0.8.8
ORclassclassMatch0.8.10
ORclassclassMatch0.8.14
ORclassclassMatch0.8.20
ORclassclassMatch0.8.26
ORclassclassMatch0.8.29
ORclassclassMatch0.8.32
ORclassclassMatch0.8.40
ORclassclassMatch0.8.47
ORclassclassMatch0.8.51
ORclassclassMatch0.8.56
ORclassclassMatch0.8.59
Related
prion
prion
Directory traversal
2009-01-06 17:30:00
cvelist
cvelist
CVE-2008-5856
2009-01-06 17:00:00
nvd
nvd
CVE-2008-5856
2009-01-06 17:30:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.9 Medium
AI Score
Confidence
Low
0.019 Low
EPSS
Percentile
88.5%
Related for CVE-2008-5856