CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2009-2923

Multiple directory traversal vulnerabilities in BitmixSoft PHP-Lance 1.52 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) language parameter to show.php and (2) in parameter to advanced_search.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.041

EPSS Ranking 88.2%

CVSS Severity

CVSS v2 Score 5.0

References

http://osvdb.org/57246
http://osvdb.org/57247
http://www.exploit-db.com/exploits/9444
http://osvdb.org/57246
http://osvdb.org/57247
http://www.exploit-db.com/exploits/9444

Products affected by CVE-2009-2923

Bitmixsoft » Php-Lance » Version: 1.52

cpe:2.3:a:bitmixsoft:php-lance:1.52

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-2923

Products

Pricing

Contact Us