Directory traversal

2017-09-1721:29:00

PRIOn knowledge base

www.prio-n.com

5.2 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

67.8%

JSON

Directory traversal vulnerability in MetInfo 5.3.17 allows remote attackers to read information from any ini format file via the f_filename parameter in a fingerprintdo action to admin/app/physical/physical.php.

CPENameOperatorVersion
metinfoeq5.3.17

CPE	Name	Operator	Version
	metinfo	eq	5.3.17

References

github.com/phantom0301/vulns/blob/master/Metinfo2.md