Directory traversal

2009-01-2815:30:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.9%

JSON

Directory traversal vulnerability in defs.php in PHPcounter 1.3.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to include and execute arbitrary local files via a … (dot dot) in the l parameter.

CPENameOperatorVersion
phpcountereq1.2.7
phpcountereq1.2.0
phpcountereq1.2.5
phpcountereq1.2.4
phpcountereq1.2.2
phpcounterle1.3.2
phpcountereq1.3.1
phpcountereq1.2.6
phpcountereq1.2.3
phpcountereq1.2.1

Name	Operator	Version
phpcounter	eq	1.2.7
phpcounter	eq	1.2.0
phpcounter	eq	1.2.5
phpcounter	eq	1.2.4
phpcounter	eq	1.2.2
phpcounter	le	1.3.2
phpcounter	eq	1.3.1
phpcounter	eq	1.2.6
phpcounter	eq	1.2.3
phpcounter	eq	1.2.1