7.5 High
AI Score
Confidence
Low
5.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:H/Au:N/C:C/I:N/A:N
0.008 Low
EPSS
Percentile
81.3%
Directory traversal vulnerability in randompic.php in pppBLOG 0.3.8 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a β¦ (dot dot) sequence in an index of the βfileβ array parameter, as demonstrated by file[0].
CPE | Name | Operator | Version |
---|---|---|---|
pppblog:pppblog | pppblog | le | 0.3.8 |
retrogod.altervista.org/pppblog_038_xpl.html
secunia.com/advisories/20375
securityreason.com/securityalert/1015
securitytracker.com/id?1016198
www.securityfocus.com/archive/1/435406/100/0/threaded
www.securityfocus.com/bid/18189
www.vupen.com/english/advisories/2006/2085
exchange.xforce.ibmcloud.com/vulnerabilities/26969