CVE-2009-1090

Опубликовано: 25 мар. 2009

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Directory traversal vulnerability in upload.php in Rapidleech rev.36 and earlier allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the uploaded parameter.

Ссылки

http://osvdb.org/52753
http://secunia.com/advisories/34300
Vendor Advisory
http://security.bkis.vn/?p=345
http://www.securityfocus.com/archive/1/501854/100/0/threaded
http://www.securityfocus.com/bid/34119
https://exchange.xforce.ibmcloud.com/vulnerabilities/49256
http://osvdb.org/52753
http://secunia.com/advisories/34300
Vendor Advisory
http://security.bkis.vn/?p=345
http://www.securityfocus.com/archive/1/501854/100/0/threaded
http://www.securityfocus.com/bid/34119
https://exchange.xforce.ibmcloud.com/vulnerabilities/49256

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:rapidleech:rapidleech:*:*:*:*:*:*:*:*

Версия до rev.36 (включая)

EPSS

Процентиль: 52%

0.00288

Низкий

6.8 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-r63v-qxc3-qj5f

github

почти 4 года назад