Vulnerability Details CVE-2007-2252
Directory traversal vulnerability in iconspopup.php in Exponent CMS 0.96.6 Alpha and earlier allows remote attackers to obtain sensitive information via a .. (dot dot) in the icodir parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.036
EPSS Ranking 87.2%
CVSS Severity
CVSS v2 Score 5.0
References
- http://osvdb.org/35051
- http://secunia.com/advisories/24934
- http://www.bugtraq.ir/articles/advisory/exponent_multiple_vulnerabilities/10
- http://www.securityfocus.com/bid/23574
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33936
- http://osvdb.org/35051
- http://secunia.com/advisories/24934
- http://www.bugtraq.ir/articles/advisory/exponent_multiple_vulnerabilities/10
- http://www.securityfocus.com/bid/23574
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33936
Products affected by CVE-2007-2252
-
cpe:2.3:a:exponent:exponent_cms:0.96.5_rc1
-
cpe:2.3:a:exponent:exponent_cms:0.96.6_alpha