Lucene search

[email protected]CVE-2008-6334

HistoryFeb 27, 2009 - 5:30 p.m.

CVE-2008-6334

2009-02-2717:30:00

CWE-22

[email protected]

web.nvd.nist.gov

cve

2008

6334

directory traversal

vulnerability

emetrix

extract website

nvd

security

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

6.8 Medium

AI Score

Confidence

Low

0.042 Low

EPSS

Percentile

92.3%

JSON

Directory traversal vulnerability in download.php in eMetrix Extract Website allows remote attackers to read arbitrary files via a … (dot dot) in the filename parameter.

Affected configurations

NVD

Node

emetrixextract_websiteMatch-

CPENameOperatorVersion
emetrix:extract_websiteemetrix extract websiteeq-

CPE	Name	Operator	Version
emetrix:extract_website	emetrix extract website	eq	-

References

secunia.com/advisories/33255

www.securityfocus.com/bid/32936

exchange.xforce.ibmcloud.com/vulnerabilities/47517

www.exploit-db.com/exploits/7525

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

6.8 Medium

AI Score

Confidence

Low

0.042 Low

EPSS

Percentile

92.3%

JSON

Related for CVE-2008-6334

prion1 cvelist1 nvd1