AI Score
Confidence
Low
EPSS
Percentile
51.8%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
Directory Travel in PHPVibe v11.0.46 due to incomplete blacklist checksums and directory checks, which can lead to code execution via writing specific statements to .htaccess and code to a file with a .png suffix.
[
{
"cpes": [
"cpe:2.3:a:phpvibe:phpvibe:11.0.3:*:*:*:*:*:*:*"
],
"vendor": "phpvibe",
"product": "phpvibe",
"versions": [
{
"status": "affected",
"version": "11.0.3",
"versionType": "custom",
"lessThanOrEqual": "11.0.46"
}
],
"defaultStatus": "unknown"
}
]