CVE-2010-2676

Опубликовано: 08 июл. 2010

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Multiple directory traversal vulnerabilities in index.php in Open Web Analytics (OWA) 1.2.3 might allow remote attackers to read arbitrary files via directory traversal sequences in the (1) owa_action and (2) owa_do parameters.

Ссылки

http://packetstormsecurity.org/1003-exploits/owa123-lfirfi.txt
Exploit
http://www.ITSecTeam.com/en/vulnerabilities/vulnerability26.htm
Exploit
http://www.exploit-db.com/exploits/11903
Exploit
http://www.openwebanalytics.com/?p=87
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/57240
http://packetstormsecurity.org/1003-exploits/owa123-lfirfi.txt
Exploit
http://www.ITSecTeam.com/en/vulnerabilities/vulnerability26.htm
Exploit
http://www.exploit-db.com/exploits/11903
Exploit
http://www.openwebanalytics.com/?p=87
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/57240

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:openwebanalytics:open_web_analytics:1.2.3:*:*:*:*:*:*:*

EPSS

Процентиль: 90%

0.05113

Низкий

5 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-w8h2-5xj2-2jrx

github

больше 3 лет назад