Directory traversal vulnerability in dwnld.php in GuppY 4.5.11 allows remote attackers to overwrite arbitrary files via a %2E. (mixed encoding) in the pg parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Guppy | Guppy | 4.5.10 | 4.5.10 |
Guppy | Guppy | 4.5.11 | 4.5.11 |
Guppy | Guppy | 2.4_p1 | 2.4_p1 |
Guppy | Guppy | 4.5.4 | 4.5.4 |
Guppy | Guppy | 4.5.3a | 4.5.3a |
Guppy | Guppy | 2.4_p3 | 2.4_p3 |
Guppy | Guppy | 4.5.9 | 4.5.9 |
Guppy | Guppy | 4.5 | 4.5 |
Guppy | Guppy | 2.4 | 2.4 |
Guppy | Guppy | 4.5.3 | 4.5.3 |
Guppy | Guppy | 2.4_p4 | 2.4_p4 |