CVE-2009-4672

Directory traversal vulnerability in main.php in the WP-Lytebox plugin 1.3 for WordPress allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pg parameter.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:grupenet:wp-lytebox:1.3:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Information

Published : 2010-03-05 10:30

Updated : 2017-09-18 18:30


NVD link : CVE-2009-4672

Mitre link : CVE-2009-4672


JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa

Products Affected

wordpress

  • wordpress

grupenet

  • wp-lytebox