Описание
include/debug.php in Webfwlog 0.92 and earlier, when register_globals is enabled, allows remote attackers to obtain source code of files via the conffile parameter. NOTE: some of these details are obtained from third party information. It is likely that this issue can be exploited to conduct directory traversal attacks.
Ссылки
Уязвимые конфигурации
Конфигурация 1Версия до 0.92 (включая)
cpe:2.3:a:webfwlog:webfwlog:*:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.1119
Средний
9.3 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
include/debug.php in Webfwlog 0.92 and earlier, when register_globals is enabled, allows remote attackers to obtain source code of files via the conffile parameter. NOTE: some of these details are obtained from third party information. It is likely that this issue can be exploited to conduct directory traversal attacks.
EPSS
Процентиль: 93%
0.1119
Средний
9.3 Critical
CVSS2
Дефекты
NVD-CWE-Other