CVE-2013-3598

EUVD-2013-3532
Directory traversal vulnerability in servlet/CreateTemplateServlet in SearchBlox before 7.5 build 1 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the name parameter.
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 75%
Affected Products (NVD)
VendorProductVersion
searchbloxsearchblox
𝑥
≤ 7.5
searchbloxsearchblox
6.2:build_1
searchbloxsearchblox
6.3:build_1
searchbloxsearchblox
6.4:build_1
searchbloxsearchblox
6.4:build_2
searchbloxsearchblox
7.0
searchbloxsearchblox
7.1
searchbloxsearchblox
7.2
searchbloxsearchblox
7.3
searchbloxsearchblox
7.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://buddhalabs.com/Advisories/WebAdvisories.html
http://osvdb.org/96619
http://www.kb.cert.org/vuls/id/592942
http://www.searchblox.com/developers-2/change-log
http://buddhalabs.com/Advisories/WebAdvisories.html
http://osvdb.org/96619
http://www.kb.cert.org/vuls/id/592942
http://www.searchblox.com/developers-2/change-log