CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-2050

Directory traversal vulnerability in processor_web plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a .. (dot dot) in the hostname of a log entry.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 36.8%

CVSS Severity

CVSS v2 Score 2.1

References

http://jan.kneschke.de/projects/modlogan/download/ChangeLog
http://www.iss.net/security_center/static/7848.php
http://www.securityfocus.com/bid/3821
http://jan.kneschke.de/projects/modlogan/download/ChangeLog
http://www.iss.net/security_center/static/7848.php
http://www.securityfocus.com/bid/3821

Products affected by CVE-2002-2050

Modlogan » Modlogan » Version: 0.5

cpe:2.3:a:modlogan:modlogan:0.5
Modlogan » Modlogan » Version: 0.5.6

cpe:2.3:a:modlogan:modlogan:0.5.6
Modlogan » Modlogan » Version: 0.5.7

cpe:2.3:a:modlogan:modlogan:0.5.7
Modlogan » Modlogan » Version: 0.6

cpe:2.3:a:modlogan:modlogan:0.6
Modlogan » Modlogan » Version: 0.7.11

cpe:2.3:a:modlogan:modlogan:0.7.11

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-2050

Products

Pricing

Contact Us