CVE-2006-1224

2006-03-1411:00:00

mitre

www.cve.org

AI Score

6.7

Confidence

High

EPSS

0.006

Percentile

78.5%

JSON

Directory traversal vulnerability in dwnld.php in GuppY 4.5.11 allows remote attackers to overwrite arbitrary files via a “%2E.” (mixed encoding) in the pg parameter.

References

secunia.com/advisories/19222

securityreason.com/securityalert/569

securitytracker.com/id?1015753

www.freeguppy.org/?lng=en

www.kapda.ir/advisory-291.html

www.osvdb.org/23846

www.osvdb.org/23993

www.securityfocus.com/archive/1/427329/100/0/threaded

www.securityfocus.com/bid/17068

www.vupen.com/english/advisories/2006/0936

exchange.xforce.ibmcloud.com/vulnerabilities/25141