CVE-2009-1318

Sažetak

Directory traversal vulnerability in index.php in Jamroom 3.1.2, 3.2.3 through 3.2.6, 4.0.2, and possibly other versions before 3.4.0 allows remote attackers to include arbitrary files via directory traversal sequences in the t parameter.

Reference

http://www.jamroom.net/index.php?m=td_tracker&o=view&id=1470
http://www.securityfocus.com/bid/34511
https://exchange.xforce.ibmcloud.com/vulnerabilities/49869
https://www.exploit-db.com/exploits/8423

CVSS

Base:	6.5
Impact:	6.4
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

29-09-2017 - 01:34

Objavljeno

17-04-2009 - 14:08