Lucene search
MitreCVE-2014-7985HistoryOct 31, 2014 - 2:55 p.m.
CVE-2014-7985
2014-10-3114:55:06
CWE-22
mitre
web.nvd.nist.gov
34
cve
2014
7985
directory traversal
vulnerability
espocrm
nvd
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.1
Confidence
Low
EPSS
0.009
Percentile
82.3%
Directory traversal vulnerability in EspoCRM before 2.6.0 allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the action parameter to install/index.php.
Affected configurations
Node
espocrmespocrmRange≤2.5.2
Related
prion
prion
Directory traversal
2014-10-31 14:55:00
cvelist
cvelist
CVE-2014-7985
2014-10-31 14:00:00
nvd
nvd
CVE-2014-7985
2014-10-31 14:55:06
htbridge
htbridge
Multiple vulnerabilities in EspoCRM
2014-10-08 00:00:00
packetstorm
packetstorm
EspoCRM 2.5.2 XSS / LFI / Access Control
2014-10-29 00:00:00
openvas
openvas
EspoCRM '/install/index.php' Multiple Vulnerabilities
2014-10-30 00:00:00
zdt
zdt
EspoCRM 2.5.2 XSS / LFI / Access Control Vulnerabilities
2014-10-30 00:00:00
securityvulns
securityvulns
Multiple vulnerabilities in EspoCRM
2014-11-03 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.1
Confidence
Low
EPSS
0.009
Percentile
82.3%
Related for CVE-2014-7985