Описание
Directory traversal vulnerability in op/op.Login.php in LetoDMS (formerly MyDMS) 1.7.2 and earlier allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | not-affected | |
| hardy | released | 1.7.0-1+lenny1build0.8.04.1 |
| karmic | not-affected | 1.7.2+1.7.3-1 |
| lucid | not-affected | |
| maverick | not-affected | |
| upstream | released | 1.7.2+1.7.3-1 |
Показывать по
Ссылки на источники
EPSS
6.5 Medium
CVSS2
Связанные уязвимости
Directory traversal vulnerability in op/op.Login.php in LetoDMS (formerly MyDMS) 1.7.2 and earlier allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Directory traversal vulnerability in op/op.Login.php in LetoDMS (forme ...
Directory traversal vulnerability in op/op.Login.php in LetoDMS (formerly MyDMS) 1.7.2 and earlier allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Уязвимости операционной системы Debian GNU/Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность, целостность и доступность защищаемой информации
EPSS
6.5 Medium
CVSS2