Lucene search

[email protected]CVE-2009-2552

HistoryJul 20, 2009 - 8:00 p.m.

CVE-2009-2552

2009-07-2020:00:13

CWE-22

[email protected]

web.nvd.nist.gov

cve

directory traversal

comments.php

super simple blog script

remote attack

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.8%

JSON

Multiple directory traversal vulnerabilities in comments.php in Super Simple Blog Script 2.5.4 allow remote attackers to overwrite, include, and execute arbitrary local files via the entry parameter.

Affected configurations

NVD

Node

supersimplesuper_simple_blog_scriptMatch2.5.4

CPENameOperatorVersion
supersimple:super_simple_blog_scriptsupersimple super simple blog scripteq2.5.4

CPE	Name	Operator	Version
supersimple:super_simple_blog_script	supersimple super simple blog script	eq	2.5.4

References

secunia.com/advisories/35859

www.exploit-db.com/exploits/9179

exchange.xforce.ibmcloud.com/vulnerabilities/51805

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.8%

JSON

Related for CVE-2009-2552

prion1 cvelist1 nvd1