Directory traversal

2008-04-0217:44:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

Low

0.023 Low

EPSS

Percentile

89.8%

JSON

Directory traversal vulnerability in view_private.php in Keep It Simple Guest Book (KISGB) 5.0.0 and earlier allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the tmp_theme parameter. NOTE: 5.1.1 is also reportedly affected.

CPENameOperatorVersion
keep_it_simple_guest_bookle5.1.1

CPE	Name	Operator	Version
	keep_it_simple_guest_book	le	5.1.1

References

www.securityfocus.com/bid/28513

exchange.xforce.ibmcloud.com/vulnerabilities/41525

www.exploit-db.com/exploits/5324