Описание
Directory traversal vulnerability in the _do_attachment_move function in the AttachFile action (action/AttachFile.py) in MoinMoin 1.9.3 through 1.9.5 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a file name.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.9.5-1ubuntu2 |
| hardy | ignored | end of life |
| lucid | released | 1.9.2-2ubuntu3.3 |
| oneiric | released | 1.9.3-1ubuntu1.11.10.2 |
| precise | released | 1.9.3-1ubuntu2.2 |
| quantal | released | 1.9.3-1ubuntu3.1 |
| upstream | released | 1.9.6 |
Показывать по
10
EPSS
Процентиль: 81%
0.01547
Низкий
6.4 Medium
CVSS2
Связанные уязвимости
nvd
около 13 лет назад
Directory traversal vulnerability in the _do_attachment_move function in the AttachFile action (action/AttachFile.py) in MoinMoin 1.9.3 through 1.9.5 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a file name.
debian
около 13 лет назад
Directory traversal vulnerability in the _do_attachment_move function ...
EPSS
Процентиль: 81%
0.01547
Низкий
6.4 Medium
CVSS2