- Description
- Directory traversal vulnerability in Baby FTP Server (BabyFTP) 1.24 allows remote authenticated users to determine existence of files outside the intended document root via unspecified manipulations, which generate different error messages depending on whether a file exists or not.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:N/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:pablo_software_solutions:baby_ftp_server:1.24:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1CF066D6-27C4-4F35-86C9-9FA713A2F790"
}
],
"operator": "OR"
}
]
}
]