Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2015-1577
cve-2015-1577
directory traversal
u5admin
deletefile.php
remote attackers
nvd
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
7 High
AI Score
Confidence
Low
0.011 Low
EPSS
Percentile
84.4%
Directory traversal vulnerability in u5admin/deletefile.php in u5CMS before 3.9.4 allows remote attackers to write to arbitrary files via a (1) … (dot dot) or (2) full pathname in the f parameter.
Affected configurations
Node
yubau5cmsRange≤3.9.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| yuba:u5cms | yuba u5cms | le | 3.9.3 |
Related
cvelist
cvelist
CVE-2015-1577
2022-10-03 16:15:51
zeroscience
zeroscience
u5CMS 3.9.3 (deletefile.php) Arbitrary File Deletion Vulnerability
2015-02-09 00:00:00
nvd
nvd
CVE-2015-1577
2015-02-11 19:59:04
prion
prion
Directory traversal
2015-02-11 19:59:00
kaspersky
kaspersky
KLA10500 Multiple vulnerabilities in u5CMS
2015-02-11 00:00:00
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
7 High
AI Score
Confidence
Low
0.011 Low
EPSS
Percentile
84.4%
Related for CVE-2015-1577