ID CVE-2007-2539
Summary The show_files function in RunCms 1.5.2 and earlier allows remote attackers to obtain sensitive information (file existence and file metadata) via unspecified vectors.
References
Vulnerable Configurations
  • cpe:2.3:a:runcms:runcms:*:*:*:*:*:*:*:*
    cpe:2.3:a:runcms:runcms:*:*:*:*:*:*:*:*
CVSS
Base: 7.8 (as of 16-10-2018 - 16:44)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:N/A:N
refmap via4
bid 23819
bugtraq 20070504 RunCms <= 1.5.2 debug_show.php sql injection
exploit-db 3850
misc http://retrogod.altervista.org/runcms_152_sql.html
osvdb 35783
sreason 2671
vupen ADV-2007-1669
Last major update 16-10-2018 - 16:44
Published 09-05-2007 - 01:19
Last modified 16-10-2018 - 16:44
Back to Top