Описание
Directory traversal vulnerability in index.php in iFoto 1.0.1 and earlier allows remote attackers to list arbitrary directories, and possibly download arbitrary photos, via a .. (dot dot) in the dir parameter.
Directory traversal vulnerability in index.php in iFoto 1.0.1 and earlier allows remote attackers to list arbitrary directories, and possibly download arbitrary photos, via a .. (dot dot) in the dir parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-4092
- http://lostmon.blogspot.com/2007/07/ifoto-traversal-folder-enumeration.html
- http://secunia.com/advisories/26186
- http://www.securityfocus.com/archive/1/497027/100/0/threaded
- http://www.securityfocus.com/archive/1/497113/100/0/threaded
- http://www.securityfocus.com/bid/25065
EPSS
Процентиль: 88%
0.03936
Низкий
CVE ID
Связанные уязвимости
nvd
больше 18 лет назад
Directory traversal vulnerability in index.php in iFoto 1.0.1 and earlier allows remote attackers to list arbitrary directories, and possibly download arbitrary photos, via a .. (dot dot) in the dir parameter.
EPSS
Процентиль: 88%
0.03936
Низкий