exploitDog

CVE-2003-1489

Опубликовано: 31 дек. 2003

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

upload.php in Truegalerie 1.0 allows remote attackers to read arbitrary files by specifying the target filename in the file cookie in form.php, then downloading the file from the image gallery.

Ссылки

http://marc.info/?l=vulnwatch&m=105128431109082&w=2
http://secunia.com/advisories/8683
Vendor Advisory
http://marc.info/?l=vulnwatch&m=105128431109082&w=2
http://secunia.com/advisories/8683
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:truegalerie:truegalerie:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 47%

0.00244

Низкий

5 Medium

CVSS2

Дефекты

CWE-287

Связанные уязвимости

GHSA-wxvq-px52-9jqq

github

почти 4 года назад

upload.php in Truegalerie 1.0 allows remote attackers to read arbitrary files by specifying the target filename in the file cookie in form.php, then downloading the file from the image gallery.

EPSS

Процентиль: 47%

0.00244

Низкий

5 Medium

CVSS2

Дефекты

CWE-287