Описание
Directory traversal vulnerability in index.php in phpSysInfo 2.5.1 allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) sequence and a trailing null (%00) byte in the lng parameter, which will display a different error message if the file exists.
Ссылки
- Broken LinkExploit
- Broken LinkExploit
- Broken LinkVendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Broken Link
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkPermissions RequiredThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Issue TrackingThird Party Advisory
- Broken LinkExploit
- Broken LinkExploit
- Broken LinkVendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Broken Link
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkPermissions RequiredThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
EPSS
5 Medium
CVSS2
Дефекты
Связанные уязвимости
Directory traversal vulnerability in index.php in phpSysInfo 2.5.1 allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) sequence and a trailing null (%00) byte in the lng parameter, which will display a different error message if the file exists.
Directory traversal vulnerability in index.php in phpSysInfo 2.5.1 all ...
phpSysInfo allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) sequence
EPSS
5 Medium
CVSS2