mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-20 17:53:42 +00:00
798 B
798 B
CVE-2009-0331
Description
Directory traversal vulnerability in gallery/comment.php in Enhanced Simple PHP Gallery (ESPG) 1.72 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. NOTE: the vulnerability may be in my little homepage Comment script. If so, then this should not be treated as a vulnerability in ESPG.
POC
Reference
Github
No PoCs found on GitHub currently.