exploitDog

GHSA-fq3w-x7pq-5jx7

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Directory traversal vulnerability in randompic.php in pppBLOG 0.3.8 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an index of the "file" array parameter, as demonstrated by file[0].

Directory traversal vulnerability in randompic.php in pppBLOG 0.3.8 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an index of the "file" array parameter, as demonstrated by file[0].

Ссылки

EPSS

Процентиль: 96%

0.22068

Средний

CVE ID

Связанные уязвимости

CVE-2006-2770

nvd

больше 19 лет назад

Directory traversal vulnerability in randompic.php in pppBLOG 0.3.8 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) sequence in an index of the "file" array parameter, as demonstrated by file[0].

EPSS

Процентиль: 96%

0.22068

Средний

CVE ID