Описание
Directory traversal vulnerability in viewnfo.php in (1) TorrentFlux before 2.2 and (2) torrentflux-b4rt before 2.1-b4rt-972 allows remote authenticated users to read arbitrary files via .. (dot dot) sequences in the path parameter, a different vector than CVE-2006-6328.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | released | 2.1-7 |
| edgy | released | 2.1-1ubuntu0.2 |
| feisty | released | 2.1-7 |
| gutsy | released | 2.1-7 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
6.5 Medium
CVSS2
Связанные уязвимости
Directory traversal vulnerability in viewnfo.php in (1) TorrentFlux before 2.2 and (2) torrentflux-b4rt before 2.1-b4rt-972 allows remote authenticated users to read arbitrary files via .. (dot dot) sequences in the path parameter, a different vector than CVE-2006-6328.
Directory traversal vulnerability in viewnfo.php in (1) TorrentFlux be ...
Directory traversal vulnerability in viewnfo.php in (1) TorrentFlux before 2.2 and (2) torrentflux-b4rt before 2.1-b4rt-972 allows remote authenticated users to read arbitrary files via .. (dot dot) sequences in the path parameter, a different vector than CVE-2006-6328.
EPSS
6.5 Medium
CVSS2