Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-5639

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2013-5639
Last Modified 12 Mar 2014 02:03:18
Published 11 Mar 2014 03:37:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-5639

Summary

Directory traversal vulnerability in users/login.php in Gnew 2013.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the gnew_language cookie.

Vulnerable Systems

Application

  • Raoul Proenca Gnew 2013.1


References

MISC - https://www.htbridge.com/advisory/HTB23171

EXPLOIT-DB - 28684

MISC - http://packetstormsecurity.com/files/123482


Last Updated: 27 May 2016 10:56:46