CVE-2004-0327 : Directory traversal vulnerability in functions.php in PhpNewsManager 1.46 allows

Directory traversal vulnerability in functions.php in PhpNewsManager 1.46 allows remote attackers to retrieve arbitrary files via .. (dot dot) sequences in the clang parameter.

Published 2004-11-23 05:00:00

Updated 2017-07-11 01:30:04

Source MITRE

View at NVD, CVE.org

Vulnerability category: Directory traversal

Products affected by CVE-2004-0327

Skintech » Phpnewsmanager » Version: 1.36
cpe:2.3:a:skintech:phpnewsmanager:1.36:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2004-0327

EPSS FAQ

4.27%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 88 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2004-0327

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

References for CVE-2004-0327

Jump to

Vulnerability Details : CVE-2004-0327

Products affected by CVE-2004-0327

Exploit prediction scoring system (EPSS) score for CVE-2004-0327

CVSS scores for CVE-2004-0327

References for CVE-2004-0327