Directory traversal

2007-10-0918:17:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.6%

JSON

Multiple directory traversal vulnerabilities in SkaDate 5.0 and 6.0, and possibly later versions such as 6.482, allow remote attackers to read arbitrary files via a … (dot dot) in the view_mode parameter to (1) featured_list.php and (2) online_list.php in member/.

CPENameOperatorVersion
skadate_online_dating_softwareeq6.0
skadate_online_dating_softwareeq6.482
skadate_online_dating_softwareeq5.0

Name	Operator	Version
skadate_online_dating_software	eq	6.0
skadate_online_dating_software	eq	6.482
skadate_online_dating_software	eq	5.0

References

osvdb.org/38456

osvdb.org/38457

secunia.com/advisories/27114

www.securityfocus.com/bid/25954

www.vupen.com/english/advisories/2007/3432

exchange.xforce.ibmcloud.com/vulnerabilities/37001

www.exploit-db.com/exploits/4493