Lucene search

[email protected]NVD:CVE-2007-3326

HistoryJun 21, 2007 - 6:30 p.m.

CVE-2007-3326

2007-06-2118:30:00

[email protected]

web.nvd.nist.gov

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

AI Score

5.9

Confidence

High

EPSS

0.003

Percentile

65.7%

JSON

Multiple directory traversal vulnerabilities in vBulletin 3.x.x allow remote attackers to redirect visitors to arbitrary local files via a … (dot dot) in (1) the loc parameter to admincp/index.php and (2) the Hyperlink information URl field for post Topic in showthread.php, enabling cross-site scripting (XSS) and other attacks, a different vulnerability than CVE-2005-3025.2.

Affected configurations

Nvd

Node

jelsoftvbulletinMatch3.0.0

VendorProductVersionCPE
jelsoftvbulletin3.0.0cpe:2.3:a:jelsoft:vbulletin:3.0.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
jelsoft	vbulletin	3.0.0	cpe:2.3:a:jelsoft:vbulletin:3.0.0:::::::*

References

securityreason.com/securityalert/2820

www.securityfocus.com/archive/1/471835/100/0/threaded

www.securityfocus.com/archive/1/471838/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/34956

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

AI Score

5.9

Confidence

High

EPSS

0.003

Percentile

65.7%

JSON

Related for NVD:CVE-2007-3326

prion1 cve2 cvelist2 nvd1 nessus1