CVE-2009-2552

critical

Description

Multiple directory traversal vulnerabilities in comments.php in Super Simple Blog Script 2.5.4 allow remote attackers to overwrite, include, and execute arbitrary local files via the entry parameter.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/51805

http://www.exploit-db.com/exploits/9179

http://secunia.com/advisories/35859

Details

Source: Mitre, NVD

Published: 2009-07-20

Updated: 2026-06-16

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00951