admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 01:02:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2008/CVE-2008-03xx/CVE-2008-0300.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

150 lines
4.4 KiB
JSON
Raw Blame History

{
"id": "CVE-2008-0300",
"sourceIdentifier": "cve@mitre.org",
"published": "2008-03-11T23:44:00.000",
"lastModified": "2024-11-21T00:41:37.327",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "mapFiler.php in Mapbender 2.4 to 2.4.4 allows remote attackers to execute arbitrary PHP code via PHP code sequences in the factor parameter, which are not properly handled when accessing a filename that contains those sequences."
},
{
"lang": "es",
"value": "mapFiler.php en Mapbender 2.4 hasta 2.4.4 permite a atacantes remotos ejecutar c\u00f3digo PHP de su elecci\u00f3n mediante secuencias de c\u00f3digo PHP en el par\u00e1metro factor, que no esta correctamente manejado cuando se accede al nombre del fichero que contiene esa secuencia."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"baseScore": 6.8,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mapbender:mapbender:2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9B6B556A-9697-49EE-8C02-68367E6E0DDE"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mapbender:mapbender:2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "234EFEA2-A7E5-4C26-AB6D-6CAA5D87AE7D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mapbender:mapbender:2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "939816A3-FDFB-436E-B264-9563DAF17EB9"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mapbender:mapbender:2.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "22158443-4914-4CCC-827E-DF1CCA7102FB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mapbender:mapbender:2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "03315A84-729C-4DF6-A7B3-98F13DA9F2D5"
}
]
}
]
}
],
"references": [
{
"url": "http://secunia.com/advisories/29329",
"source": "cve@mitre.org"
},
{
"url": "http://www.redteam-pentesting.de/advisories/rt-sa-2008-001.php",
"source": "cve@mitre.org",
"tags": [
"Exploit"
]
},
{
"url": "http://www.securityfocus.com/bid/28195",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41131",
"source": "cve@mitre.org"
},
{
"url": "https://www.exploit-db.com/exploits/5232",
"source": "cve@mitre.org"
},
{
"url": "http://secunia.com/advisories/29329",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.redteam-pentesting.de/advisories/rt-sa-2008-001.php",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
]
},
{
"url": "http://www.securityfocus.com/bid/28195",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
]
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41131",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.exploit-db.com/exploits/5232",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink