Описание
Absolute path traversal vulnerability in cvs.php in OCS Inventory NG before 1.02.1 on Unix allows remote attackers to read arbitrary files via a full pathname in the log parameter.
Ссылки
- Exploit
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 1.02 (включая)
Одновременно
Одно из
cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:*:*:*:*:*:*:*:*
cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:*:*:*:*:*:*:*
cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:beta:*:*:*:*:*:*
cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:rc3:*:*:*:*:*:*
cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.0:rc3-1:*:*:*:*:*:*
cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.01:*:*:*:*:*:*:*
cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.02:rc1:*:*:*:*:*:*
cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.02:rc2:*:*:*:*:*:*
cpe:2.3:a:ocsinventory-ng:ocs_inventory_ng:1.02:rc3:*:*:*:*:*:*
cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*
EPSS
Процентиль: 87%
0.03478
Низкий
5 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
ubuntu
больше 16 лет назад
Absolute path traversal vulnerability in cvs.php in OCS Inventory NG before 1.02.1 on Unix allows remote attackers to read arbitrary files via a full pathname in the log parameter.
debian
больше 16 лет назад
Absolute path traversal vulnerability in cvs.php in OCS Inventory NG b ...
github
почти 4 года назад
Absolute path traversal vulnerability in cvs.php in OCS Inventory NG before 1.02.1 on Unix allows remote attackers to read arbitrary files via a full pathname in the log parameter.
EPSS
Процентиль: 87%
0.03478
Низкий
5 Medium
CVSS2
Дефекты
CWE-22