Multiple directory traversal vulnerabilities in Pyrophobia 2.1.3.1 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) act or (2) pid parameter to the top-level URI (index.php), or the (3) action parameter to admin/index.php. NOTE: some of these details are obtained from third party information.
References
Configurations
Information
Published : 2007-03-02 13:18
Updated : 2017-10-10 18:31
NVD link : CVE-2007-1152
Mitre link : CVE-2007-1152
JSON object : View
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Products Affected
pyrophobia
- pyrophobia