exploitDog

GHSA-83p7-p639-qm82

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Directory traversal vulnerability in inc/map.func.php in pragmaMX Landkarten 2.1 module allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the module_name parameter, as demonstrated via a static PHP code injection attack in an Apache log file.

Directory traversal vulnerability in inc/map.func.php in pragmaMX Landkarten 2.1 module allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the module_name parameter, as demonstrated via a static PHP code injection attack in an Apache log file.

Ссылки

EPSS

Процентиль: 94%

0.12347

Средний

CVE ID

Связанные уязвимости

CVE-2007-1539

nvd

почти 19 лет назад

Directory traversal vulnerability in inc/map.func.php in pragmaMX Landkarten 2.1 module allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the module_name parameter, as demonstrated via a static PHP code injection attack in an Apache log file.

EPSS

Процентиль: 94%

0.12347

Средний

CVE ID