Directory traversal vulnerability in PHProjekt 2.0 through 3.1 allows remote attackers to read arbitrary files via .. (dot dot) sequences.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Phprojekt | Phprojekt | 2.0 (including) | 2.0 (including) |
| Phprojekt | Phprojekt | 2.0.1 (including) | 2.0.1 (including) |
| Phprojekt | Phprojekt | 2.1 (including) | 2.1 (including) |
| Phprojekt | Phprojekt | 2.1a (including) | 2.1a (including) |
| Phprojekt | Phprojekt | 2.2 (including) | 2.2 (including) |
| Phprojekt | Phprojekt | 2.3 (including) | 2.3 (including) |
| Phprojekt | Phprojekt | 2.4 (including) | 2.4 (including) |
| Phprojekt | Phprojekt | 2.4a (including) | 2.4a (including) |
| Phprojekt | Phprojekt | 3.0 (including) | 3.0 (including) |
| Phprojekt | Phprojekt | 3.1 (including) | 3.1 (including) |
| Phprojekt | Phprojekt | 3.1a (including) | 3.1a (including) |