Vulnerability CVE-2008-6786
Published: 2009-05-01   Modified: 2012-02-12

Description:
Multiple directory traversal vulnerabilities in geekigeeki.py in GeekiGeeki before 3.0 allow remote attackers to read arbitrary files via directory traversal sequences in a pagename argument in the (1) handle_edit and (2) handle_raw functions.

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Codewiz -> Geekigeeki 

 References:
http://www.codewiz.org/wikigit/geekigeeki.git/blobdiff/92e45c3ce9260c69b4201d877c0f2e431024a52e..5f99f96a7a102bb8f2c491dd1e11fe8686c7c0a0:/geekigeeki.py
http://www.codewiz.org/wikigit/geekigeeki.git?a=commit;h=5f99f96a7a102bb8f2c491dd1e11fe8686c7c0a0
http://www.securityfocus.com/bid/32831
https://exchange.xforce.ibmcloud.com/vulnerabilities/47375
Copyright 2024, cxsecurity.com

 

Back to Top