exploitDog

CVE-2009-2229

Опубликовано: 26 июн. 2009

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Directory traversal vulnerability in engine.php in Kasseler CMS 1.3.5 lite allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter during a download action, a different vector than CVE-2008-3087. NOTE: some of these details are obtained from third party information.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:kasseler-cms:kasseler_cms:1.3.5:*:lite:*:*:*:*:*

EPSS

Процентиль: 91%

0.06607

Низкий

5 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-wx3q-mhwj-6vqq

github

почти 4 года назад

Directory traversal vulnerability in engine.php in Kasseler CMS 1.3.5 lite allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter during a download action, a different vector than CVE-2008-3087. NOTE: some of these details are obtained from third party information.

EPSS

Процентиль: 91%

0.06607

Низкий

5 Medium

CVSS2

Дефекты

CWE-22