CVE-2007-5444

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2007-5444
CMS Made Simple 1.1.3.1 allows remote attackers to obtain the full path via a direct request for unspecified files.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
http://osvdb.org/41033
http://securityreason.com/securityalert/3223
http://www.securityfocus.com/archive/1/481984/100/0/threaded
http://osvdb.org/41033
http://securityreason.com/securityalert/3223
http://www.securityfocus.com/archive/1/481984/100/0/threaded
Configurations

Configuration 1 (hide)

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.3.1:*:*:*:*:*:*:*
History

21 Nov 2024, 00:37

Type Values Removed Values Added
References () http://osvdb.org/41033 - () http://osvdb.org/41033 -
References () http://securityreason.com/securityalert/3223 - () http://securityreason.com/securityalert/3223 -
References () http://www.securityfocus.com/archive/1/481984/100/0/threaded - () http://www.securityfocus.com/archive/1/481984/100/0/threaded -
Information

Published : 2007-10-14 18:17

Updated : 2025-04-09 00:30

NVD link : CVE-2007-5444

Mitre link : CVE-2007-5444

CVE.ORG link : CVE-2007-5444

JSON object : View

Products Affected

cmsmadesimple

  • cms_made_simple
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor