Описание
Directory traversal vulnerability in PageTraiteDownload.php in phpMyConferences 8.0.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter. NOTE: this issue is disputed for 8.0.2 by a reliable third party, who notes that the PHP code is syntactically incorrect and cannot be executed
Ссылки
Уязвимые конфигурации
Конфигурация 1Версия до 8.0.2 (включая)
cpe:2.3:a:phpmyconferences:phpmyconferences:*:*:*:*:*:*:*:*
EPSS
Процентиль: 44%
0.0022
Низкий
5 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
почти 4 года назад
** DISPUTED ** Directory traversal vulnerability in PageTraiteDownload.php in phpMyConferences 8.0.2 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter. NOTE: this issue is disputed for 8.0.2 by a reliable third party, who notes that the PHP code is syntactically incorrect and cannot be executed.
EPSS
Процентиль: 44%
0.0022
Низкий
5 Medium
CVSS2
Дефекты
CWE-22