Directory traversal

2009-06-1821:30:00

PRIOn knowledge base

www.prio-n.com

7.8 High

AI Score

Confidence

Low

0.027 Low

EPSS

Percentile

90.6%

JSON

Multiple directory traversal vulnerabilities in DB Top Sites 1.0, when magic_quotes_gpc is disabled, allow remote attackers to include and execute arbitrary local files via a … (dot dot) in the u parameter to (1) full.php, (2) index.php, and (3) contact.php.

CPENameOperatorVersion
db_top_siteseq1.0

CPE	Name	Operator	Version
	db_top_sites	eq	1.0

References

osvdb.org/55116

osvdb.org/55117

osvdb.org/55118

secunia.com/advisories/35419

exchange.xforce.ibmcloud.com/vulnerabilities/51120

www.exploit-db.com/exploits/8952