{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-06T10:26:13.320","vulnerabilities":[{"cve":{"id":"CVE-2012-1617","sourceIdentifier":"secalert@redhat.com","published":"2012-09-26T00:55:01.097","lastModified":"2026-04-29T01:13:23.040","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Directory traversal vulnerability in combine.php in OSClass before 2.3.6 allows remote attackers to read and write arbitrary files via a .. (dot dot) in the type parameter.  NOTE: this vulnerability can be leveraged to upload arbitrary files."},{"lang":"es","value":"Vulnerabilidad de salto de directorio en combine.php en OSClass antes de v2.3.6, permite a atacantes remotos leer y escribir archivos de su elección a través de un .. (punto punto) en el parámetro type. NOTA: esta vulnerabilidad se puede aprovechar para subir archivos arbitrarios."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:N","baseScore":6.4,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:juan_ramon:osclass:*:*:*:*:*:*:*:*","versionEndIncluding":"2.3.5","matchCriteriaId":"8A385C7F-A038-42A9-B9B1-C0EC78B005CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:juan_ramon:osclass:1.1:*:*:*:*:*:*:*","matchCriteriaId":"8A0C9D77-644D-4AE2-881E-6C14825886F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:juan_ramon:osclass:1.1:rc:*:*:*:*:*:*","matchCriteriaId":"EABC0861-6C9B-40B9-9871-2E158DC19CFA"},{"vulnerable":true,"criteria":"cpe:2.3:a:juan_ramon:osclass:1.2:alpha:*:*:*:*:*:*","matchCriteriaId":"E4D7E60A-743A-4CC2-A3AC-09E7DE8115CB"},{"vulnerable":true,"criteria":"cpe:2.3:a:juan_ramon:osclass:1.2:beta:*:*:*:*:*:*","matchCriteriaId":"99A04C8A-5E76-4FE6-B8CA-5FDD56912496"},{"vulnerable":true,"criteria":"cpe:2.3:a:juan_ramon:osclass:1.2:delta:*:*:*:*:*:*","matchCriteriaId":"BD619E64-845F-40E2-A311-15DAEA693C66"},{"vulnerable":true,"criteria":"cpe:2.3:a:juan_ramon:osclass:2.0:*:*:*:*:*:*:*","matchCriteriaId":"6E691EBA-D635-4C46-8F4C-14E3C653E190"},{"vulnerable":true,"criteria":"cpe:2.3:a:juan_ramon:osclass:2.0:rc:*:*:*:*:*:*","matchCriteriaId":"5947B545-716D-4614-B7CE-197F13CDD11F"},{"vulnerable":true,"criteria":"cpe:2.3:a:juan_ramon:osclass:2.0.1:*:*:*:*:*:*:*","matchCriteriaId":"C1B2493D-C760-4538-9842-4CF8E70DA0DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:juan_ramon:osclass:2.0.2:*:*:*:*:*:*:*","matchCriteriaId":"8CFE4EB5-F8D6-4A77-B3E4-188B8954EA23"},{"vulnerable":true,"criteria":"cpe:2.3:a:juan_ramon:osclass:2.0.3:*:*:*:*:*:*:*","matchCriteriaId":"F7ACDE37-2C18-4FB5-943F-4F8A537F1CB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:juan_ramon:osclass:2.1:*:*:*:*:*:*:*","matchCriteriaId":"7E4443D3-EE5C-4AF7-8E18-A63DA8815E29"},{"vulnerable":true,"criteria":"cpe:2.3:a:juan_ramon:osclass:2.1.1:*:*:*:*:*:*:*","matchCriteriaId":"6698BFB3-F335-4D0A-A8DC-BE21B3E8FBE8"},{"vulnerable":true,"criteria":"cpe:2.3:a:juan_ramon:osclass:2.2:*:*:*:*:*:*:*","matchCriteriaId":"766E444D-A072-4E49-A4F2-6A5694AA9809"},{"vulnerable":true,"criteria":"cpe:2.3:a:juan_ramon:osclass:2.2.1:*:*:*:*:*:*:*","matchCriteriaId":"BED47F6E-1F40-473F-AF7D-6EE8768092C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:juan_ramon:osclass:2.2.2:*:*:*:*:*:*:*","matchCriteriaId":"34DB73BA-8CC6-4850-A17A-5E884D60E77E"},{"vulnerable":true,"criteria":"cpe:2.3:a:juan_ramon:osclass:2.2.3:*:*:*:*:*:*:*","matchCriteriaId":"CE27453E-19F6-4492-BF84-C9245A7BF57E"},{"vulnerable":true,"criteria":"cpe:2.3:a:juan_ramon:osclass:2.3:*:*:*:*:*:*:*","matchCriteriaId":"C6DC1AE9-D118-4E5A-BAD4-D3DC968E6B46"},{"vulnerable":true,"criteria":"cpe:2.3:a:juan_ramon:osclass:2.3.1:*:*:*:*:*:*:*","matchCriteriaId":"087D8F16-EFC6-4064-8D03-95E6D8568794"},{"vulnerable":true,"criteria":"cpe:2.3:a:juan_ramon:osclass:2.3.2:*:*:*:*:*:*:*","matchCriteriaId":"63D9548C-48EE-499A-9719-56EC25E8DC09"},{"vulnerable":true,"criteria":"cpe:2.3:a:juan_ramon:osclass:2.3.3:*:*:*:*:*:*:*","matchCriteriaId":"B1BC833E-8126-42C5-B21A-A0065F58C11F"},{"vulnerable":true,"criteria":"cpe:2.3:a:juan_ramon:osclass:2.3.4:*:*:*:*:*:*:*","matchCriteriaId":"6712C780-3A74-4733-A453-A776244CA9A2"}]}]}],"references":[{"url":"http://archives.neohapsis.com/archives/bugtraq/2012-03/0024.html","source":"secalert@redhat.com","tags":["Exploit"]},{"url":"http://osclass.org/2012/03/05/osclass-2-3-6/","source":"secalert@redhat.com","tags":["Exploit","Patch"]},{"url":"http://secunia.com/advisories/48284","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"http://www.codseq.it/advisories/osclass_directory_traversal_vulnerability","source":"secalert@redhat.com","tags":["Exploit"]},{"url":"http://www.openwall.com/lists/oss-security/2012/04/02/1","source":"secalert@redhat.com"},{"url":"http://www.openwall.com/lists/oss-security/2012/04/02/6","source":"secalert@redhat.com"},{"url":"http://www.openwall.com/lists/oss-security/2012/04/03/1","source":"secalert@redhat.com","tags":["Exploit"]},{"url":"http://www.openwall.com/lists/oss-security/2012/04/04/7","source":"secalert@redhat.com","tags":["Exploit","Patch"]},{"url":"http://www.securityfocus.com/bid/52336","source":"secalert@redhat.com","tags":["Exploit"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/73754","source":"secalert@redhat.com"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/73755","source":"secalert@redhat.com"},{"url":"https://github.com/osclass/OSClass/commit/1e7626f4e1a26371480989c0b937f107ea9a6d4b","source":"secalert@redhat.com","tags":["Exploit","Patch"]},{"url":"https://github.com/osclass/OSClass/commit/a40b76695994442644e46e1b776d79660500566a","source":"secalert@redhat.com","tags":["Exploit","Patch"]},{"url":"https://github.com/osclass/OSClass/commit/ff7ef8a97301aaaf6a97fe46c2c27981a86b4e2f#diff-1","source":"secalert@redhat.com","tags":["Exploit","Patch"]},{"url":"http://archives.neohapsis.com/archives/bugtraq/2012-03/0024.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://osclass.org/2012/03/05/osclass-2-3-6/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch"]},{"url":"http://secunia.com/advisories/48284","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.codseq.it/advisories/osclass_directory_traversal_vulnerability","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.openwall.com/lists/oss-security/2012/04/02/1","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.openwall.com/lists/oss-security/2012/04/02/6","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.openwall.com/lists/oss-security/2012/04/03/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://www.openwall.com/lists/oss-security/2012/04/04/7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch"]},{"url":"http://www.securityfocus.com/bid/52336","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/73754","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/73755","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/osclass/OSClass/commit/1e7626f4e1a26371480989c0b937f107ea9a6d4b","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch"]},{"url":"https://github.com/osclass/OSClass/commit/a40b76695994442644e46e1b776d79660500566a","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch"]},{"url":"https://github.com/osclass/OSClass/commit/ff7ef8a97301aaaf6a97fe46c2c27981a86b4e2f#diff-1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch"]}]}}]}