Directory traversal vulnerability in Simple PHP Blog (SPHPBlog) 0.3.7c allows remote attackers to read or create arbitrary files via a .. (dot dot) in the entry parameter.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Simple_php_blog | Alexander_palmo | 0.3.7c (including) | 0.3.7c (including) |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2005-01/0210.html
- http://marc.info/?l=bugtraq\u0026m=110512850603989\u0026w=2
- http://www.securityfocus.com/bid/12193
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18802
- http://archives.neohapsis.com/archives/fulldisclosure/2005-01/0210.html
- http://marc.info/?l=bugtraq\u0026m=110512850603989\u0026w=2
- http://www.securityfocus.com/bid/12193
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18802