exploitDog

GHSA-qjfc-4q6g-mh2f

Опубликовано: 02 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple directory traversal vulnerabilities in the mlmmj-php-admin web interface for Mailing List Managing Made Joyful (mlmmj) 1.2.15 through 1.2.17 allow remote authenticated users to overwrite, create, or delete arbitrary files, or determine the existence of arbitrary directories, via a .. (dot dot) in a list name in a (1) edit or (2) save action.

Multiple directory traversal vulnerabilities in the mlmmj-php-admin web interface for Mailing List Managing Made Joyful (mlmmj) 1.2.15 through 1.2.17 allow remote authenticated users to overwrite, create, or delete arbitrary files, or determine the existence of arbitrary directories, via a .. (dot dot) in a list name in a (1) edit or (2) save action.

Ссылки

EPSS

Процентиль: 81%

0.01589

Низкий

CVE ID

Дефекты

CWE-22

Связанные уязвимости

CVE-2009-4896

ubuntu

больше 15 лет назад

Multiple directory traversal vulnerabilities in the mlmmj-php-admin web interface for Mailing List Managing Made Joyful (mlmmj) 1.2.15 through 1.2.17 allow remote authenticated users to overwrite, create, or delete arbitrary files, or determine the existence of arbitrary directories, via a .. (dot dot) in a list name in a (1) edit or (2) save action.

CVE-2009-4896

nvd

больше 15 лет назад

Multiple directory traversal vulnerabilities in the mlmmj-php-admin web interface for Mailing List Managing Made Joyful (mlmmj) 1.2.15 through 1.2.17 allow remote authenticated users to overwrite, create, or delete arbitrary files, or determine the existence of arbitrary directories, via a .. (dot dot) in a list name in a (1) edit or (2) save action.

CVE-2009-4896

debian

больше 15 лет назад

Multiple directory traversal vulnerabilities in the mlmmj-php-admin we ...

EPSS

Процентиль: 81%

0.01589

Низкий

CVE ID

Дефекты

CWE-22