Описание
Directory traversal vulnerability in index.php in Noah Medling RCBlog 1.03 allows remote attackers to read arbitrary .txt files, possibly including one that stores the administrator's account name and password, via a .. (dot dot) in the post parameter.
Ссылки
- ExploitVendor Advisory
- Vendor Advisory
- URL Repurposed
- Exploit
- ExploitVendor Advisory
- Vendor Advisory
- URL Repurposed
- Exploit
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:noah_medling:rcblog:1.03:*:*:*:*:*:*:*
EPSS
Процентиль: 76%
0.00961
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Directory traversal vulnerability in index.php in Noah Medling RCBlog 1.03 allows remote attackers to read arbitrary .txt files, possibly including one that stores the administrator's account name and password, via a .. (dot dot) in the post parameter.
EPSS
Процентиль: 76%
0.00961
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other