Описание
A vulnerability was found in Album Lock 4.0 and classified as critical. Affected by this issue is some unknown functionality of the file /getImage. The manipulation of the argument filePaht leads to path traversal. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
Ссылки
- Permissions RequiredThird Party Advisory
- Third Party Advisory
- Permissions RequiredThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:album_lock_project:album_lock:4.0:*:*:*:*:iphone_os:*:*
EPSS
Процентиль: 17%
0.00055
Низкий
4.4 Medium
CVSS3
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-22
CWE-22
Связанные уязвимости
CVSS3: 5.5
github
больше 3 лет назад
A vulnerability was found in Album Lock 4.0 and classified as critical. Affected by this issue is some unknown functionality of the file /getImage. The manipulation of the argument filePaht leads to path traversal. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
EPSS
Процентиль: 17%
0.00055
Низкий
4.4 Medium
CVSS3
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-22
CWE-22