Lucene search

[email protected]NVD:CVE-2007-3942

HistoryJul 21, 2007 - 12:30 a.m.

CVE-2007-3942

2007-07-2100:30:00

[email protected]

web.nvd.nist.gov

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

6.6

Confidence

Low

EPSS

0.004

Percentile

74.4%

JSON

Directory traversal vulnerability in index.php in Simple Machines Forum (SMF) 1.1.3 allows remote attackers to include local files via unspecified vectors related to the sourcedir parameter or the actionArray hash. NOTE: CVE and multiple third parties dispute this vulnerability because both sourcedir and actionArray are defined before use

Affected configurations

Nvd

Node

simple_machinessimple_machines_forumMatch1.1.3

VendorProductVersionCPE
simple_machinessimple_machines_forum1.1.3cpe:2.3:a:simple_machines:simple_machines_forum:1.1.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
simple_machines	simple_machines_forum	1.1.3	cpe:2.3:a:simple_machines:simple_machines_forum:1.1.3:::::::*

References

www.securityfocus.com/archive/1/473866/100/0/threaded

www.securityfocus.com/archive/1/473991/100/0/threaded

www.securityfocus.com/archive/1/480572/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/35451

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

AI Score

6.6

Confidence

Low

EPSS

0.004

Percentile

74.4%

JSON

Related for NVD:CVE-2007-3942

cve1 prion1 cvelist1