Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4031

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2012-4031
Last Modified 24 Aug 2012 12:00:00
Published 17 Jul 2012 05:55:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-4031

Summary

Multiple directory traversal vulnerabilities in src/acloglogin.php in Wangkongbao CNS-1000 and 1100 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) lang or (2) langid cookie to port 85.

Vulnerable Systems


References

XF - wangkongbao-acloglogin-directory-traversal(76682)

BID - 54267

EXPLOIT-DB - 19526

SECUNIA - 49776

OSVDB - 83636


Last Updated: 27 May 2016 10:57:33