exploitDog

GHSA-32gf-9929-gmj6

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Directory traversal vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to read or include arbitrary files via a trailing null byte (%00) in the (1) theme, (2) language, (3) plugins, or (4) lang parameter.

Directory traversal vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to read or include arbitrary files via a trailing null byte (%00) in the (1) theme, (2) language, (3) plugins, or (4) lang parameter.

Ссылки

EPSS

Процентиль: 95%

0.17865

Средний

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2005-4600

nvd

почти 20 лет назад

Directory traversal vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to read or include arbitrary files via a trailing null byte (%00) in the (1) theme, (2) language, (3) plugins, or (4) lang parameter.

CVE-2005-4600

debian

почти 20 лет назад

Directory traversal vulnerability in tiny_mce_gzip.php in TinyMCE Comp ...

EPSS

Процентиль: 95%

0.17865

Средний

CVE ID

Дефекты

CWE-22