CVE-2004-1407

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.security.org.sg/vuln/singapore0910.html", "name": "http://www.security.org.sg/vuln/singapore0910.html", "tags": [], "refsource": "MISC"}, {"url": "http://www.securityfocus.com/bid/11990", "name": "11990", "tags": ["Patch"], "refsource": "BID"}, {"url": "http://marc.info/?l=bugtraq&m=110323479715051&w=2", "name": "20041216 [SIG^2 G-TEC] singapore Image Gallery Web Application v0.9.10 Multiple Vulnerabilities", "tags": [], "refsource": "BUGTRAQ"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18532", "name": "singapore-adminclass-directory-traversal(18532)", "tags": [], "refsource": "XF"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18528", "name": "singapore-thumb-directory-traversal(18528)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple directory traversal vulnerabilities in singapore Image Gallery Web Application 0.9.10 allow remote attackers to (1) read arbitrary files via the showThumb method for thumb.php, or (2) delete arbitrary files via admin.class.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2004-1407", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2004-12-31T05:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:singapore:image_gallery_web_application:0.9.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-07-11T01:31Z"}