Absolute path traversal vulnerability in forcedownload.php in Gravy Media Photo Host 1.0.8 allows remote attackers to read arbitrary files via an encoded "/" (slash) in the file parameter.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2009-06-23T21:21:00
Updated: 2024-08-07T05:44:55.894Z
Reserved: 2009-06-23T00:00:00
Link: CVE-2009-2184
Vulnrichment
No data.
NVD
Status : Modified
Published: 2009-06-23T21:30:00.530
Modified: 2017-09-29T01:34:46.140
Link: CVE-2009-2184
Redhat
No data.