Описание
thumbsup.php in Thumbs-Up 1.12, as used in LightNEasy "no database" (aka flat) and SQLite 1.2.2 and earlier, allows remote attackers to copy, rename, and read arbitrary files via directory traversal sequences in the image parameter with a modified cache_dir parameter containing a %00 (encoded null byte).
Ссылки
- Vendor Advisory
- Exploit
- Vendor Advisory
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:lightneasy:lightneasy:1.2.2:*:no_database:*:*:*:*:*
cpe:2.3:a:sqlite:sqlite:1.2.2:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.05036
Низкий
7.5 High
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
больше 3 лет назад
thumbsup.php in Thumbs-Up 1.12, as used in LightNEasy "no database" (aka flat) and SQLite 1.2.2 and earlier, allows remote attackers to copy, rename, and read arbitrary files via directory traversal sequences in the image parameter with a modified cache_dir parameter containing a %00 (encoded null byte).
EPSS
Процентиль: 89%
0.05036
Низкий
7.5 High
CVSS2
Дефекты
CWE-22