Lucene search
MitreCVE-2009-3535HistoryOct 02, 2009 - 7:30 p.m.
CVE-2009-3535
2009-10-0219:30:00
CWE-22
mitre
web.nvd.nist.gov
19
cve
2009
3535
directory traversal
vulnerability
clear content 1.1
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
6.7
Confidence
Low
EPSS
0.035
Percentile
91.7%
Directory traversal vulnerability in image.php in Clear Content 1.1 allows remote attackers to read arbitrary files via a … (dot dot) in the url parameter. NOTE: the researcher also suggests an analogous PHP remote file inclusion vulnerability, but this may be incorrect.
Affected configurations
Node
allisclearclear_contentMatch1.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| allisclear | clear_content | 1.1 | cpe:2.3:a:allisclear:clear_content:1.1:*:*:*:*:*:*:* |
Related
prion
prion
Directory traversal
2009-10-02 19:30:00
cvelist
cvelist
CVE-2009-3535
2009-10-02 19:00:00
exploitdb
exploitdb
ClearContent - '/image.php?url' Local/Remote File Inclusion
2009-07-09 00:00:00
nvd
nvd
CVE-2009-3535
2009-10-02 19:30:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
6.7
Confidence
Low
EPSS
0.035
Percentile
91.7%
Related for CVE-2009-3535