CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-5141

Directory traversal vulnerability in exportcsv/exportcsv_index.php in Open Business Management (OBM) 2.4.0-rc13 and earlier allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the module parameter in an export_page action.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.5%

CVSS Severity

CVSS v2 Score 6.0

References

http://osvdb.org/78003
https://exchange.xforce.ibmcloud.com/vulnerabilities/71921
https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_obm.html
http://osvdb.org/78003
https://exchange.xforce.ibmcloud.com/vulnerabilities/71921
https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_obm.html

Products affected by CVE-2011-5141

Obm » Open Business Management » Version: 2.4.0

cpe:2.3:a:obm:open_business_management:2.4.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-5141

Products

Pricing

Contact Us