Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0331

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2009-0331
Last Modified 30 Jan 2009 12:00:00
Published 29 Jan 2009 01:30:02
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-0331

Summary

Directory traversal vulnerability in gallery/comment.php in Enhanced Simple PHP Gallery (ESPG) 1.72 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. NOTE: the vulnerability may be in my little homepage Comment script. If so, then this should not be treated as a vulnerability in ESPG.

Vulnerable Systems

Application

  • Quirm Espg 1.72


References

XF - espg-comment-directory-traversal(48087)

BID - 33335

MILW0RM - 7819


Last Updated: 27 May 2016 10:50:12