CVE-2009-3534

2009-10-0219:00:00

mitre

www.cve.org

6.6 Medium

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.4%

JSON

Directory traversal vulnerability in index.php in LionWiki 3.0.3, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a … (dot dot) in the page parameter.

References

secunia.com/advisories/35774

www.exploit-db.com/exploits/9119

www.osvdb.org/55801

exchange.xforce.ibmcloud.com/vulnerabilities/51659