Описание
Directory traversal vulnerability in Chyrp 2.1 and earlier allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the action parameter to the default URI.
Directory traversal vulnerability in Chyrp 2.1 and earlier allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the action parameter to the default URI.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2011-2744
- https://exchange.xforce.ibmcloud.com/vulnerabilities/68564
- http://osvdb.org/73890
- http://secunia.com/advisories/45184
- http://securityreason.com/securityalert/8312
- http://www.justanotherhacker.com/advisories/JAHx113.txt
- http://www.ocert.org/advisories/ocert-2011-001.html
- http://www.openwall.com/lists/oss-security/2011/07/13/5
- http://www.openwall.com/lists/oss-security/2011/07/13/6
- http://www.securityfocus.com/archive/1/518890/100/0/threaded
- http://www.securityfocus.com/bid/48672
Связанные уязвимости
nvd
больше 14 лет назад
Directory traversal vulnerability in Chyrp 2.1 and earlier allows remote attackers to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the action parameter to the default URI.