CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-1505

Directory traversal vulnerability in index.php in Just Another Flat file (JAF) CMS 3.0RC allows remote attackers to read arbitrary files and possibly execute PHP code via a .. (dot dot) in the show parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.013

EPSS Ranking 78.8%

CVSS Severity

CVSS v2 Score 7.5

References

http://echo.or.id/adv/adv08-y3dips-2004.txt
http://marc.info/?l=bugtraq&m=110004150430309&w=2
http://secunia.com/advisories/13104
http://www.securityfocus.com/bid/11627
https://exchange.xforce.ibmcloud.com/vulnerabilities/17983
http://echo.or.id/adv/adv08-y3dips-2004.txt
http://marc.info/?l=bugtraq&m=110004150430309&w=2
http://secunia.com/advisories/13104
http://www.securityfocus.com/bid/11627
https://exchange.xforce.ibmcloud.com/vulnerabilities/17983

Products affected by CVE-2004-1505

Salims Softhouse » Jaf Cms » Version: 3.0

cpe:2.3:a:salims_softhouse:jaf_cms:3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-1505

Products

Pricing

Contact Us