Published: 28/01/2014 Updated: 21/02/2014

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Directory traversal vulnerability in gmap/view_overlay.php in Bitweaver 2.8.1 and previous versions allows remote malicious users to read arbitrary files via "''%2F" (dot dot encoded slash) sequences in the overlay_type parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
bitweaver bitweaver 2.7
bitweaver bitweaver 2.6
bitweaver bitweaver 2.5
bitweaver bitweaver 2.0.2
bitweaver bitweaver 1.1
bitweaver bitweaver
bitweaver bitweaver 2.0.0
bitweaver bitweaver 1.3
bitweaver bitweaver 1.1.1_beta
bitweaver bitweaver 1.3.1
bitweaver bitweaver 1.2.1

Trustwave SpiderLabs Security Advisory TWSL2012-016: Multiple Vulnerabilities in Bitweaver Published: 10/23/2012 Version: 10 Vendor: Bitweaver (wwwbitweaverorg/) Product: Bitweaver Version affected: 281 and earlier versions Product description: Bitweaver is a free and open source web application framework and content management syste ...

Bitweaver version 281 suffers from local file inclusion and multiple cross site scripting vulnerabilities ...

CWE-22 https://www.trustwave.com/spiderlabs/advisories/TWSL2012-016.txt https://nvd.nist.gov https://www.exploit-db.com/exploits/22216/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-5192

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect