CVE-2018-18713 - OpenCVE

The function down_sql_action() in /admin/model/database.class.php in PHPYun 4.6 allows remote attackers to read arbitrary files via directory traversal in an m=database&c=down_sql&name=../ URI.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Phpyun	Phpyun

Configuration 1 [-]

cpe:2.3:a:phpyun:phpyun:4.6:*:*:*:*:*:*:*

References

Link	Resource
http://jlkl.github.io/2018/10/25/CVE_02/	Broken Link Third Party Advisory
http://str3am.me/2018/10/25/CVE_02/	Broken Link Third Party Advisory URL Repurposed

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2018-10-27T22:00:00

Updated: 2018-10-27T22:57:01

Reserved: 2018-10-27T00:00:00

Link: CVE-2018-18713

JSON object: View

NVD Information

Status : Analyzed

Published: 2018-10-29T12:29:06.150

Modified: 2024-02-14T01:17:43.863

Link: CVE-2018-18713

JSON object: View

Redhat Information

No data.

CWE

CWE-22

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:phpyun:phpyun:4.6:*:*:*:*:*:*:*", "matchCriteriaId": "3F336726-7561-4C71-8D71-9D7D29138BCA", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The function down_sql_action() in /admin/model/database.class.php in PHPYun 4.6 allows remote attackers to read arbitrary files via directory traversal in an m=database&c=down_sql&name=../ URI."}, {"lang": "es", "value": "La funci\u00f3n down_sql_action() en /admin/model/database.class.php en PHPYun 4.6 permite que atacantes remotos lean archivos arbitrarios mediante un salto de directorio en un URI m=databasec=down_sqlname=../."}], "id": "CVE-2018-18713", "lastModified": "2024-02-14T01:17:43.863", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-10-29T12:29:06.150", "references": [{"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "http://jlkl.github.io/2018/10/25/CVE_02/"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "URL Repurposed"], "url": "http://str3am.me/2018/10/25/CVE_02/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}