CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-100029

Multiple directory traversal vulnerabilities in class/session.php in Ganesha Digital Library (GDL) 4.2 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) newlang or (2) newtheme parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.072

EPSS Ranking 91.1%

CVSS Severity

CVSS v2 Score 5.0

References

http://packetstormsecurity.com/files/125464
https://exchange.xforce.ibmcloud.com/vulnerabilities/91555
http://packetstormsecurity.com/files/125464
https://exchange.xforce.ibmcloud.com/vulnerabilities/91555

Products affected by CVE-2014-100029

Ganesha Digital Library Project » Ganesha Digital Library » Version: 4.2

cpe:2.3:a:ganesha_digital_library_project:ganesha_digital_library:4.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-100029

Products

Pricing

Contact Us