Vulmon Recent Vulnerabilities Discussions Trends Blog About Contact
5
CVSSv2

CVE-2013-2619

Published: 18/03/2014 Updated: 29/08/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Directory traversal vulnerability in Aspen prior to 0.22 allows remote attackers to read arbitrary files via a .. (dot dot) to the default URI.

Affected Products

Vendor Product Versions
AspenAspen0.8

Exploits

Exploit DB: Aspen 0.8 - Directory Traversal
Aspen 08 - Directory Traversal Earlier versions are also possibly vulnerable INFORMATION Product: Aspen 08 Remote-exploit: yes Vendor-URL: wwwzetadevcom/software/aspen/ Discovered by: Daniel Ricardo dos Santos CVE Request - 15/03/2013 CVE Assign - 18/03/2013 CVE Number - CVE-2013-2619 Vendor notification - 18/03/2013 Vendor reply - N ...

Mailing Lists

Packetstorm: Aspen 0.8 Directory Traversal
Aspen version 08 suffers from a directory traversal vulnerability ...

References

CWE-22http://packetstormsecurity.com/files/121035/Aspen-0.8-Directory-Traversal.htmlhttp://seclists.org/fulldisclosure/2013/Apr/2http://www.exploit-db.com/exploits/24915http://www.securityfocus.com/bid/58794https://exchange.xforce.ibmcloud.com/vulnerabilities/83185https://www.rapid7.com/db/vulnerabilities/aspen-directory-traversalhttps://www.exploit-db.com/exploits/24915/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgeryCVE-2019-15932crucibleCVE-2019-14899CVE-2019-2310atlassianreflected XSSrace conditionCVE-2019-5090CVE-2019-11157CVE-2019-19581