NVD

Id
55404  
Name
CVE-2007-3251  
Description
Multiple directory traversal vulnerabilities in e-Vision CMS 2.02 and earlier allow remote attackers to (1) include and execute arbitrary local files via a .. (dot dot) in the adminlang cookie to admin/functions.php or (2) read arbitrary local files via the img parameter to admin/show_img.php.  
Reject
 
CVSS Version
2  
CVSS Score
7.8  
Severity
High  
CVSS Base Score
7.8  
CVSS Impact Subscore
6.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:N/A:N)  
Pub Date
2017-01-07  
Published
2007-06-18  
Modified Date
2011-03-07  
Seq
2007-3251  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
281540 55404 CVE-2007-3251 4054  View
281541 55404 CVE-2007-3251 24398  View
281542 55404 CVE-2007-3251 ADV-2007-2123  View
281543 55404 CVE-2007-3251 evisioncms-functions-file-include(34792)  View
281544 55404 CVE-2007-3251 evisioncms-showimg-directory-traversal(34794)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
53503 JVNDB-2007-002195 e-Vision CMS におけるディレクトリトラバーサルの脆弱性 e-Vision CMS には、ディレクトリトラバーサルの脆弱性が存在します。 CVE-2007-3251 26606 CVE-2007-3251 55404 7.8 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-002195.html 2007-06-18 2012-06-26 View