CVE-2010-2786

Sažetak

Directory traversal vulnerability in Piwik 0.6 through 0.6.3 allows remote attackers to include arbitrary local files and possibly have unspecified other impact via directory traversal sequences in a crafted data-renderer request.

Reference

http://marc.info/?l=oss-security&m=128032989120346&w=2
http://marc.info/?l=oss-security&m=128041221832498&w=2
http://piwik.org/blog/2010/07/piwik-0-6-4-security-advisory/
http://piwik.org/changelog/
http://secunia.com/advisories/40703
http://www.osvdb.org/66759
http://www.securityfocus.com/bid/42031
http://www.vupen.com/english/advisories/2010/1971
https://exchange.xforce.ibmcloud.com/vulnerabilities/60808

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

21-11-2019 - 13:30

Objavljeno

02-08-2010 - 22:00