Описание
Absolute path traversal vulnerability in Webgrind 1.0 and 1.0.2 allows remote attackers to read arbitrary files via a full pathname in the file parameter to index.php.
Ссылки
- Third Party Advisory
- Exploit
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- VDB Entry
- Third Party Advisory
- Exploit
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- VDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:webgrind_project:webgrind:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.17169
Средний
5 Medium
CVSS2
Дефекты
CWE-22
Связанные уязвимости
github
больше 3 лет назад
Absolute path traversal vulnerability in Webgrind 1.0 and 1.0.2 allows remote attackers to read arbitrary files via a full pathname in the file parameter to index.php.
EPSS
Процентиль: 95%
0.17169
Средний
5 Medium
CVSS2
Дефекты
CWE-22