Описание
Directory traversal vulnerability in inc/map.func.php in pragmaMX Landkarten 2.1 module allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the module_name parameter, as demonstrated via a static PHP code injection attack in an Apache log file.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:pragmamx:landkarten:2.1:*:*:*:*:*:*:*
EPSS
Процентиль: 94%
0.12347
Средний
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Directory traversal vulnerability in inc/map.func.php in pragmaMX Landkarten 2.1 module allows remote attackers to include arbitrary files via a .. (dot dot) sequence in the module_name parameter, as demonstrated via a static PHP code injection attack in an Apache log file.
EPSS
Процентиль: 94%
0.12347
Средний
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other