Описание
Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the form_data[script_class] parameter.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:opengoo:opengoo:1.1:*:*:*:*:*:*:*
EPSS
Процентиль: 82%
0.0164
Низкий
2.6 Low
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
почти 4 года назад
Directory traversal vulnerability in upgrade/index.php in OpenGoo 1.1, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the form_data[script_class] parameter.
EPSS
Процентиль: 82%
0.0164
Низкий
2.6 Low
CVSS2
Дефекты
CWE-22