CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-4180

Directory traversal vulnerability in get_file.php in phpMyBackupPro 2.1 through 2.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this vulnerability exists due to an incomplete fix to CVE-2009-4050.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 76.3%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

http://www.openwall.com/lists/oss-security/2015/06/04/10
http://www.openwall.com/lists/oss-security/2015/06/04/10

Products affected by CVE-2015-4180

Phpmybackuppro » Phpmybackuppro » Version: 2.1

cpe:2.3:a:phpmybackuppro:phpmybackuppro:2.1
Phpmybackuppro » Phpmybackuppro » Version: 2.2

cpe:2.3:a:phpmybackuppro:phpmybackuppro:2.2
Phpmybackuppro » Phpmybackuppro » Version: 2.3

cpe:2.3:a:phpmybackuppro:phpmybackuppro:2.3
Phpmybackuppro » Phpmybackuppro » Version: 2.4

cpe:2.3:a:phpmybackuppro:phpmybackuppro:2.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-4180

Products

Pricing

Contact Us