Description

Directory traversal vulnerability in zen/template-functions.php in zenphoto 1.0.4 up to 1.0.6 allows remote attackers to list arbitrary directories via ".." sequences in the album parameter to index.php.

Remediation

References

CVE-2007-0616

Related Vulnerabilities

Oracle HTTP Server CVE-2016-3482 Vulnerability (CVE-2016-3482)

PHP HTML entity encoder heap overflow vulnerability

WordPress 5.7.x Multiple Vulnerabilities (5.7 - 5.7.9)

WordPress Plugin Rating-Widget:Star Review System Cross-Site Scripting (2.8.8)

WordPress Plugin HUSKY-Products Filter Professional for WooCommerce SQL Injection (1.3.6)

Severity

High

Classification

CVE-2007-0616

Tags

Missing Update Known Vulnerabilities