Lucene search

[email protected]CVE-2009-2112

HistoryJun 18, 2009 - 9:30 p.m.

CVE-2009-2112

2009-06-1821:30:00

CWE-22

[email protected]

web.nvd.nist.gov

cve

2009

2112

directory traversal

vulnerability

phpfk

7.03

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.5%

JSON

Directory traversal vulnerability in include/page_bottom.php in phpFK 7.03 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the _FORUM[settings_design_style] parameter.

Affected configurations

NVD

Node

frank-karauphpfkMatch7.03

CPENameOperatorVersion
frank-karau:phpfkfrank-karau phpfkeq7.03

CPE	Name	Operator	Version
frank-karau:phpfk	frank-karau phpfk	eq	7.03

References

osvdb.org/55195

www.exploit-db.com/exploits/8975

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.5%

JSON

Related for CVE-2009-2112

prion1 cvelist1 nvd1