Lucene search

[email protected]CVE-2008-6183

HistoryFeb 19, 2009 - 6:30 p.m.

CVE-2008-6183

2009-02-1918:30:00

CWE-22

[email protected]

web.nvd.nist.gov

cve-2008-6183

directory traversal

my php indexer

remote attack

arbitrary file read

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

7.1 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.7%

JSON

Multiple directory traversal vulnerabilities in index.php in My PHP Indexer 1.0 allow remote attackers to read arbitrary files via a … (dot dot) in the (1) d and (2) f parameters.

Affected configurations

NVD

Node

myphpindexermy_php_indexerMatch1.0

CPENameOperatorVersion
myphpindexer:my_php_indexermyphpindexer my php indexereq1.0

CPE	Name	Operator	Version
myphpindexer:my_php_indexer	myphpindexer my php indexer	eq	1.0

References

secunia.com/advisories/32215

www.securityfocus.com/bid/31726

www.vupen.com/english/advisories/2008/2796

exchange.xforce.ibmcloud.com/vulnerabilities/45830

www.exploit-db.com/exploits/6740

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

7.1 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.7%

JSON

Related for CVE-2008-6183

nvd1 prion1 cvelist1