Summary
QuickPHP is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
A remote attacker may leverage this issue to retrieve arbitrary files in the context of the affected application, potentially revealing sensitive information that may lead to other attacks.
QuickPHP 1.9.1 is vulnerable
other versions may also be affected.
References
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Acritum Femitter Server URI Directory Traversal Vulnerability
- IBM WebSphere Application Server Hash Collisions DOS Vulnerability
- Arbor Networks Peakflow SP 'index/' Cross Site Scripting Vulnerability
- IBM WebSphere Application Server Admin Console Cross-site Scripting Vulnerability
- Cherokee URI Directory Traversal Vulnerability and Information Disclosure Vulnerability