CVE-2018-18703

{"id": "CVE-2018-18703", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2018-10-29T12:29:05.057", "references": [{"url": "https://packetstormsecurity.com/files/149965/PHPTPoint-Mailing-Server-Using-File-Handling-1.0-Arbitrary-File-Read.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "PhpTpoint Mailing Server Using File Handling 1.0 suffers from multiple Arbitrary File Read vulnerabilities in different sections that allow an attacker to read sensitive files on the system via directory traversal, bypassing the login page, as demonstrated by the Mailserver_filesystem/home.php coninb, consent, contrsh, condrft, or conspam parameter."}, {"lang": "es", "value": "PhpTpoint Mailing Server Using File Handling 1.0 sufre de m\u00faltiples vulnerabilidades de lectura de archivos arbitrarios en diferentes secciones que permiten que un atacante lea archivos sensibles en el sistema mediante un salto de directorio, omitiendo la p\u00e1gina de inicio de sesi\u00f3n. Esto queda demostrado por los par\u00e1metros coninb, consent, contrsh, condrft o conspam en Mailserver_filesystem/home.php."}], "lastModified": "2018-12-04T19:02:48.863", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:phptpoint:mailing_server_using_file_handling:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0D021A6-5332-4AA6-A22A-CA8F0A867FBB"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}