Описание
Directory traversal vulnerability in printfaq.php in EasyGuppy (Guppy for Windows) 4.5.4 and 4.5.5 allows remote attackers to read arbitrary files via ".." sequences in the pg parameter, which is cleansed for XSS but not directory traversal.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:easyguppy:easyguppy:4.5.4:*:*:*:*:*:*:*
cpe:2.3:a:easyguppy:easyguppy:4.5.5:*:*:*:*:*:*:*
EPSS
Процентиль: 43%
0.0021
Низкий
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Directory traversal vulnerability in printfaq.php in EasyGuppy (Guppy for Windows) 4.5.4 and 4.5.5 allows remote attackers to read arbitrary files via ".." sequences in the pg parameter, which is cleansed for XSS but not directory traversal.
EPSS
Процентиль: 43%
0.0021
Низкий
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other