Описание
Directory traversal vulnerability in Web Forums Server 1.6 and 2.0 Power Pack allows remote attackers to read arbitrary files via a URL containing (1) ".." (dot dot backslash), (2) "../" (dot dot slash), (3) "/%2E%2E%5C" (encoded dot dot backslash), or (4) "%2E%2E%2F" (encoded dot dot slash).
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:minihttpserver.net:web_forums_server:1.6:*:*:*:*:*:*:*
cpe:2.3:a:minihttpserver.net:web_forums_server:2.0_power_pack:*:*:*:*:*:*:*
EPSS
Процентиль: 40%
0.00185
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Directory traversal vulnerability in Web Forums Server 1.6 and 2.0 Power Pack allows remote attackers to read arbitrary files via a URL containing (1) "..\" (dot dot backslash), (2) "../" (dot dot slash), (3) "/%2E%2E%5C" (encoded dot dot backslash), or (4) "%2E%2E%2F" (encoded dot dot slash).
EPSS
Процентиль: 40%
0.00185
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other