RSS   Vulnerabilities for 'Media photo host'   RSS

2009-06-23
 
CVE-2009-2184

CWE-22
 

 
Absolute path traversal vulnerability in forcedownload.php in Gravy Media Photo Host 1.0.8 allows remote attackers to read arbitrary files via an encoded "/" (slash) in the file parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top