exploitDog

GHSA-59wq-ggq3-g83f

Опубликовано: 02 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple directory traversal vulnerabilities in phpGroupWare 0.9.16.12, and possibly other versions before 0.9.16.014, allow remote attackers to (1) read arbitrary files via the csvfile parameter to addressbook/csv_import.php, or (2) include and execute arbitrary local files via the conv_type parameter in addressbook/inc/class.uiXport.inc.php.

Multiple directory traversal vulnerabilities in phpGroupWare 0.9.16.12, and possibly other versions before 0.9.16.014, allow remote attackers to (1) read arbitrary files via the csvfile parameter to addressbook/csv_import.php, or (2) include and execute arbitrary local files via the conv_type parameter in addressbook/inc/class.uiXport.inc.php.

Ссылки

EPSS

Процентиль: 61%

0.00414

Низкий

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2009-4415

ubuntu

почти 16 лет назад

Multiple directory traversal vulnerabilities in phpGroupWare 0.9.16.12, and possibly other versions before 0.9.16.014, allow remote attackers to (1) read arbitrary files via the csvfile parameter to addressbook/csv_import.php, or (2) include and execute arbitrary local files via the conv_type parameter in addressbook/inc/class.uiXport.inc.php.

CVE-2009-4415

nvd

почти 16 лет назад

Multiple directory traversal vulnerabilities in phpGroupWare 0.9.16.12, and possibly other versions before 0.9.16.014, allow remote attackers to (1) read arbitrary files via the csvfile parameter to addressbook/csv_import.php, or (2) include and execute arbitrary local files via the conv_type parameter in addressbook/inc/class.uiXport.inc.php.

CVE-2009-4415

debian

почти 16 лет назад

Multiple directory traversal vulnerabilities in phpGroupWare 0.9.16.12 ...

EPSS

Процентиль: 61%

0.00414

Низкий

CVE ID

Дефекты

CWE-22