[Japanese]

JVNDB-2007-000260

Shihonkanri Plus Ver2 GOOUT directory traversal vulnerability

Overview

Shihonkanri Plus Ver2 GOOUT is open source software which enables a user to view data from Shihonkanri Plus via network. Shihonkanri Plus Ver2 GOOUT contains a directory traversal vulnerability.
CVSS Severity (What is CVSS?)

CVSS V2 Severity:
Base Metrics 5.0 (Medium) [IPA Score]
  • Access Vector: Network
  • Access Complexity: Low
  • Authentication: None
  • Confidentiality Impact: Partial
  • Integrity Impact: None
  • Availability Impact: None
Affected Products


EKAKIN
  • shihonkanri Plus GOOUT Ver2 GOOUT Ver2.1.7 and earlier

Impact

A remote attacker could access files on the server on which Shihonkanri Plus Ver2 GOOUT is installed without authentication. This could lead to unintentional disclosure of file contents.
Solution

Vendor Information

EKAKIN
CWE (What is CWE?)

CVE (What is CVE?)

References

  1. JVN : JVN#62334841
Revision History

  • [2008/05/21]
      Web page published