Описание
Directory traversal vulnerability in about.php in phpGroupWare (phpgw) before 0.9.16.016 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the app parameter.
Ссылки
- PatchVendor Advisory
- Patch
- Vendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- Patch
- Vendor Advisory
- Vendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.9.16.015 (включая)
Одно из
cpe:2.3:a:phpgroupware:phpgroupware:*:*:*:*:*:*:*:*
cpe:2.3:a:phpgroupware:phpgroupware:0.9.16:*:*:*:*:*:*:*
cpe:2.3:a:phpgroupware:phpgroupware:0.9.16.000:*:*:*:*:*:*:*
cpe:2.3:a:phpgroupware:phpgroupware:0.9.16.001:*:*:*:*:*:*:*
cpe:2.3:a:phpgroupware:phpgroupware:0.9.16.002:*:*:*:*:*:*:*
cpe:2.3:a:phpgroupware:phpgroupware:0.9.16.003:*:*:*:*:*:*:*
cpe:2.3:a:phpgroupware:phpgroupware:0.9.16.005:*:*:*:*:*:*:*
cpe:2.3:a:phpgroupware:phpgroupware:0.9.16.010:*:*:*:*:*:*:*
cpe:2.3:a:phpgroupware:phpgroupware:0.9.16.011:*:*:*:*:*:*:*
cpe:2.3:a:phpgroupware:phpgroupware:0.9.16.012:*:*:*:*:*:*:*
cpe:2.3:a:phpgroupware:phpgroupware:0.9.16.014:*:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.00659
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
ubuntu
больше 15 лет назад
Directory traversal vulnerability in about.php in phpGroupWare (phpgw) before 0.9.16.016 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the app parameter.
debian
больше 15 лет назад
Directory traversal vulnerability in about.php in phpGroupWare (phpgw) ...
github
больше 3 лет назад
Directory traversal vulnerability in about.php in phpGroupWare (phpgw) before 0.9.16.016 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the app parameter.
EPSS
Процентиль: 70%
0.00659
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-22