Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2925

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2009-2925
Last Modified 21 Aug 2009 12:00:00
Published 21 Aug 2009 07:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-2925

Summary

Directory traversal vulnerability in DJcalendar.cgi in DJCalendar allows remote attackers to read arbitrary files via a .. (dot dot) in the TEMPLATE parameter.

Vulnerable Systems

Application

  • Djcalendar -


References

XF - djcalendar-djcalendar-dir-traversal(52463)

MILW0RM - 9140


Last Updated: 27 May 2016 10:51:04