- Description: Multiple directory traversal vulnerabilities in Private Messaging System (PMS) 1.2.3 and earlier for PunBB allow remote attackers to include and execute arbitrary files via a .. (dot dot) in the pun_user[language] parameter to (1) functions_navlinks.php, (2) header_new_messages.php, (3) profile_send.php, and (4) viewtopic_PM-link.php in include/pms/.
- Source: cve@mitre.org
- NVD status: Modified

CVSS 2.0
- Type: Primary
- Base score: 5.1
- Impact score: 6.4
- Exploitability score: 4.9
- Vector string: AV:N/AC:H/Au:N/C:P/I:P/A:P
- nvd@nist.gov
- CWE-22
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:punbb:private_messaging_system:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6B455E2B-E7CB-44D8-9494-54B3798C6206",
            "versionEndIncluding": "1.2.3"
          },
          {
            "criteria": "cpe:2.3:a:punbb:private_messaging_system:1.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EFDFB063-B99A-4628-8420-1E0875976703"
          },
          {
            "criteria": "cpe:2.3:a:punbb:private_messaging_system:1.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF4F509E-7F4A-4169-8660-2754D29A5922"
          },
          {
            "criteria": "cpe:2.3:a:punbb:private_messaging_system:1.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ADB151A3-1868-4EFA-A83F-1797696F6B83"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:punbb:punbb:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F9B94FB2-2C83-42D6-BECC-D39E97594CA4"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]