Описание
Directory traversal vulnerability in index.php in Verlihub Control Panel (VHCP) 1.7 and earlier allows remote attackers to include arbitrary files via a .. (dot dot) in the page parameter.
Комментарий
Successful exploitation requires that "magic_quotes_gpc" is disabled.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:verlihub-project:verlihub_control_panel:1.7:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.06986
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
почти 4 года назад
Directory traversal vulnerability in index.php in Verlihub Control Panel (VHCP) 1.7 and earlier allows remote attackers to include arbitrary files via a .. (dot dot) in the page parameter.
EPSS
Процентиль: 91%
0.06986
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-22