Directory traversal

2007-11-0519:46:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.6%

JSON

Directory traversal vulnerability in forum.php in Ben Ng Scribe 0.2 and earlier allows remote attackers to create or overwrite arbitrary files via a … (dot dot) in the username parameter in a Register action.

CPENameOperatorVersion
scribeeq0.2

CPE	Name	Operator	Version
	scribe	eq	0.2

References

osvdb.org/39063

securityreason.com/securityalert/3339

www.inj3ct-it.org/exploit/scribe.txt

www.securityfocus.com/archive/1/483183/100/0/threaded

www.exploit-db.com/exploits/4596