Vulnerability Details : CVE-2006-3488

Absolute path traversal vulnerability in administrador.asp in VirtuaStore 2.0 allows remote attackers to possibly read arbitrary directories or files via an absolute path with Windows drive letter in the Pasta parameter when link=util, acao=ftp, and acaba=sim.

Vulnerability category: Directory traversal

Published 2006-07-10 22:05:00

Updated 2008-09-05 21:07:17

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2006-3488

Probability of exploitation activity in the next 30 days: 0.48%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 73 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2006-3488

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	[email protected]
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

References for CVE-2006-3488

http://securitytracker.com/id?1016421

CVEs referencing this url

Products affected by CVE-2006-3488

Virtuastore » Virtuastore » Version: 2.0
cpe:2.3:a:virtuastore:virtuastore:2.0:*:*:*:*:*:*:*
Matching versions