Количество 3
Количество 3
CVE-2006-0625
Directory traversal vulnerability in Spip_RSS.PHP in SPIP 1.8.2g and earlier allows remote attackers to read or include arbitrary files via ".." sequences in the GLOBALS[type_urls] parameter, which could then be used to execute arbitrary code via resultant direct static code injection in the file parameter to spip_acces_doc.php3.
CVE-2006-0625
Directory traversal vulnerability in Spip_RSS.PHP in SPIP 1.8.2g and e ...
GHSA-p4gj-wxqq-wmc7
Directory traversal vulnerability in Spip_RSS.PHP in SPIP 1.8.2g and earlier allows remote attackers to read or include arbitrary files via ".." sequences in the GLOBALS[type_urls] parameter, which could then be used to execute arbitrary code via resultant direct static code injection in the file parameter to spip_acces_doc.php3.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2006-0625 Directory traversal vulnerability in Spip_RSS.PHP in SPIP 1.8.2g and earlier allows remote attackers to read or include arbitrary files via ".." sequences in the GLOBALS[type_urls] parameter, which could then be used to execute arbitrary code via resultant direct static code injection in the file parameter to spip_acces_doc.php3. | CVSS2: 6.4 | 10% Низкий | почти 20 лет назад |
| CVE-2006-0625 Directory traversal vulnerability in Spip_RSS.PHP in SPIP 1.8.2g and e ... | CVSS2: 6.4 | 10% Низкий | почти 20 лет назад |
| GHSA-p4gj-wxqq-wmc7 Directory traversal vulnerability in Spip_RSS.PHP in SPIP 1.8.2g and earlier allows remote attackers to read or include arbitrary files via ".." sequences in the GLOBALS[type_urls] parameter, which could then be used to execute arbitrary code via resultant direct static code injection in the file parameter to spip_acces_doc.php3. | 10% Низкий | почти 4 года назад |
Уязвимостей на страницу