Lucene search

[email protected]CVE-2009-1445

HistoryApr 27, 2009 - 7:30 p.m.

CVE-2009-1445

2009-04-2719:30:00

CWE-22

[email protected]

web.nvd.nist.gov

cve

2009

1445

directory traversal

webportal cms

security

vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

75.2%

JSON

Multiple directory traversal vulnerabilities in WebPortal CMS 0.8-beta allow remote attackers to (1) read arbitrary files via directory traversal sequences in the lang parameter to libraries/helpdocs/help.php and (2) include and execute arbitrary local files via directory traversal sequences in the error parameter to index.php.

Affected configurations

NVD

Node

ivano_culminewebportal_cmsMatch0.8beta

CPENameOperatorVersion
ivano_culmine:webportal_cmsivano culmine webportal cmseq0.8

CPE	Name	Operator	Version
ivano_culmine:webportal_cms	ivano culmine webportal cms	eq	0.8

References

osvdb.org/54119

osvdb.org/54120

www.securityfocus.com/bid/34687

www.exploit-db.com/exploits/8516

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

75.2%

JSON

Related for CVE-2009-1445

prion1 cvelist1 nvd1