2 matches found
CVE-2003-1239
Directory traversal vulnerability in sendphoto.php in WihPhoto 0.86 allows remote attackers to read arbitrary files via .. specifiers in the album parameter, and the target filename in the pic parameter...
WihPhoto sendphoto.php Traversal Arbitrary File Access
It is possible to make the remote host mail any file contained on its hard drive by using a flaw in WihPhoto's 'util/email.php' script. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Refs: http://www.frog-man.org/tutos/WihPhoto.txt From: "Frog Man" To: [email protected] Subject:...