CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-2081

Directory traversal vulnerability in help.php in phpWebThings 1.5.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the module parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.014

EPSS Ranking 79.9%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2009-2081

Phpwebthings » Phpwebthings » Version: Any

cpe:2.3:a:phpwebthings:phpwebthings:*
Phpwebthings » Phpwebthings » Version: 0.1

cpe:2.3:a:phpwebthings:phpwebthings:0.1
Phpwebthings » Phpwebthings » Version: 0.2

cpe:2.3:a:phpwebthings:phpwebthings:0.2
Phpwebthings » Phpwebthings » Version: 0.2b

cpe:2.3:a:phpwebthings:phpwebthings:0.2b
Phpwebthings » Phpwebthings » Version: 0.3

cpe:2.3:a:phpwebthings:phpwebthings:0.3
Phpwebthings » Phpwebthings » Version: 0.4

cpe:2.3:a:phpwebthings:phpwebthings:0.4
Phpwebthings » Phpwebthings » Version: 0.4.1

cpe:2.3:a:phpwebthings:phpwebthings:0.4.1
Phpwebthings » Phpwebthings » Version: 0.4.2

cpe:2.3:a:phpwebthings:phpwebthings:0.4.2
Phpwebthings » Phpwebthings » Version: 0.6.0

cpe:2.3:a:phpwebthings:phpwebthings:0.6.0
Phpwebthings » Phpwebthings » Version: 1.0

cpe:2.3:a:phpwebthings:phpwebthings:1.0
Phpwebthings » Phpwebthings » Version: 1.1a

cpe:2.3:a:phpwebthings:phpwebthings:1.1a
Phpwebthings » Phpwebthings » Version: 1.4

cpe:2.3:a:phpwebthings:phpwebthings:1.4
Phpwebthings » Phpwebthings » Version: 1.5.0

cpe:2.3:a:phpwebthings:phpwebthings:1.5.0
Phpwebthings » Phpwebthings » Version: 1.5.1

cpe:2.3:a:phpwebthings:phpwebthings:1.5.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-2081

Products

Pricing

Contact Us