Vulnerability Description
Multiple directory traversal vulnerabilities in comments.php in Super Simple Blog Script 2.5.4 allow remote attackers to overwrite, include, and execute arbitrary local files via the entry parameter.
CVSS Score
6.8
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Supersimple | Super Simple Blog Script | 2.5.4 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/35859Vendor Advisory
- http://www.exploit-db.com/exploits/9179
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51805
- http://secunia.com/advisories/35859Vendor Advisory
- http://www.exploit-db.com/exploits/9179
- https://exchange.xforce.ibmcloud.com/vulnerabilities/51805
FAQ
What is CVE-2009-2552?
CVE-2009-2552 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Multiple directory traversal vulnerabilities in comments.php in Super Simple Blog Script 2.5.4 allow remote attackers to overwrite, include, and execute arbitrary local files via the entry parameter.
How severe is CVE-2009-2552?
CVE-2009-2552 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-2552?
Check the references section above for vendor advisories and patch information. Affected products include: Supersimple Super Simple Blog Script.