CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-1645

Directory traversal vulnerability in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the publication template path.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 76.9%

CVSS Severity

CVSS v2 Score 4.0

References

http://archives.neohapsis.com/archives/bugtraq/2013-03/0075.html
http://archives.neohapsis.com/archives/bugtraq/2013-03/0075.html

Products affected by CVE-2013-1645

Open-Xchange » Open-Xchange Server » Version: 6.20.7

cpe:2.3:a:open-xchange:open-xchange_server:6.20.7
Open-Xchange » Open-Xchange Server » Version: 6.22.0

cpe:2.3:a:open-xchange:open-xchange_server:6.22.0
Open-Xchange » Open-Xchange Server » Version: 6.22.1

cpe:2.3:a:open-xchange:open-xchange_server:6.22.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-1645

Products

Pricing

Contact Us