CVE-2015-6914 - CERT CVE

  1. CVE-2015-6914

ID CVE-2015-6914
Sažetak Absolute path traversal vulnerability in SiteFactory CMS 5.5.9 allows remote attackers to read arbitrary files via a full pathname in the file parameter to assets/download.aspx.
Reference
CVSS
Base: 7.8
Impact: 6.9
Exploitability:10.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
COMPLETE NONE NONE
CVSS vektor AV:N/AC:L/Au:N/C:C/I:N/A:N
Zadnje važnije ažuriranje 14-09-2015 - 19:41
Objavljeno 11-09-2015 - 16:59