NVD

Id
444  
Name
CVE-2008-0466  
Description
Web Wiz RTE_file_browser.asp in, as used in Web Wiz Rich Text Editor 4.0, Web Wiz Forums 9.07, and Web Wiz Newspad 1.02, does not require authentication, which allows remote attackers to list directories and read files. NOTE: this can be leveraged for listings outside the configured directory tree by exploiting a separate directory traversal vulnerability.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:N/A:N)  
Pub Date
2017-01-03  
Published
2008-01-28  
Modified Date
2010-12-03  
Seq
2008-0466  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
3026 444 CVE-2008-0466 3584  View
3027 444 CVE-2008-0466 1019267  View
3028 444 CVE-2008-0466 http://www.bugreport.ir/?/29  View
3029 444 CVE-2008-0466 http://www.bugreport.ir/?/31  View
3030 444 CVE-2008-0466 4970  View
3031 444 CVE-2008-0466 4971  View
3032 444 CVE-2008-0466 20080123 Web Wiz Forums Directory traversal  View
3033 444 CVE-2008-0466 20080123 Web Wiz Rich Text Editor Directory traversal + HTM/HTML filecreation on the server  View
3034 444 CVE-2008-0466 27419  View
3035 444 CVE-2008-0466 http://www.webwizguide.com/webwizrichtexteditor/kb/release_notes.asp  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
50092 JVNDB-2008-005402 Web Wiz Rich Text Edito などで使用されている Web Wiz RTE_file_browser.asp におけるディレクトリトラバーサルの脆弱性 Web Wiz Rich Text Editor、Web Wiz Forums、および Web Wiz Newspad で使用されている Web Wiz RTE_file_browser.asp は、認証を必要としないため、ディレクトリトラバーサルの脆弱性が存在します。 CVE-2008-0466 30579 CVE-2008-0466 444 5 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-005402.html 2008-01-28 2012-12-20 View