CVE-2007-1100

2007-02-2617:00:00

mitre

www.cve.org

6.6 Medium

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.6%

JSON

Directory traversal vulnerability in download.php in Ahmet Sacan Pickle before 20070301 allows remote attackers to read arbitrary files via a … (dot dot) in the file parameter.

References

osvdb.org/33763

secunia.com/advisories/24294

securityreason.com/securityalert/2293

user.ceng.metu.edu.tr/~ahmet/Wiki/Software/pickle/pickle

www.securityfocus.com/archive/1/461145/100/0/threaded

www.securityfocus.com/bid/22703

www.vupen.com/english/advisories/2007/0748

exchange.xforce.ibmcloud.com/vulnerabilities/32712