Описание
Encoded directory traversal vulnerability in phpPgAdmin 3.1 to 3.5.3 allows remote attackers to access arbitrary files via "%2e%2e%2f" (encoded dot dot) sequences in the formLanguage parameter.
Ссылки
- Vendor Advisory
- Exploit
- Exploit
- Vendor Advisory
- Vendor Advisory
- Exploit
- Exploit
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:phppgadmin:phppgadmin:3.1:*:*:*:*:*:*:*
cpe:2.3:a:phppgadmin:phppgadmin:3.2:*:*:*:*:*:*:*
cpe:2.3:a:phppgadmin:phppgadmin:3.3:*:*:*:*:*:*:*
cpe:2.3:a:phppgadmin:phppgadmin:3.4:*:*:*:*:*:*:*
cpe:2.3:a:phppgadmin:phppgadmin:3.4.1:*:*:*:*:*:*:*
cpe:2.3:a:phppgadmin:phppgadmin:3.5.3:*:*:*:*:*:*:*
EPSS
Процентиль: 94%
0.12524
Средний
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
ubuntu
около 20 лет назад
Encoded directory traversal vulnerability in phpPgAdmin 3.1 to 3.5.3 allows remote attackers to access arbitrary files via "%2e%2e%2f" (encoded dot dot) sequences in the formLanguage parameter.
debian
около 20 лет назад
Encoded directory traversal vulnerability in phpPgAdmin 3.1 to 3.5.3 a ...
github
больше 3 лет назад
Encoded directory traversal vulnerability in phpPgAdmin 3.1 to 3.5.3 allows remote attackers to access arbitrary files via "%2e%2e%2f" (encoded dot dot) sequences in the formLanguage parameter.
EPSS
Процентиль: 94%
0.12524
Средний
5 Medium
CVSS2
Дефекты
NVD-CWE-Other