CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-5639

Directory traversal vulnerability in users/login.php in Gnew 2013.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the gnew_language cookie.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.049

EPSS Ranking 89.2%

CVSS Severity

CVSS v2 Score 7.5

References

http://packetstormsecurity.com/files/123482
http://www.exploit-db.com/exploits/28684
https://www.htbridge.com/advisory/HTB23171
http://packetstormsecurity.com/files/123482
http://www.exploit-db.com/exploits/28684
https://www.htbridge.com/advisory/HTB23171

Products affected by CVE-2013-5639

Raoul Proenca » Gnew » Version: 2013.1

cpe:2.3:a:raoul_proenca:gnew:2013.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-5639

Products

Pricing

Contact Us