CVE-2003-1239

Wihphoto - Path Traversal

Title source: rule

Description

Directory traversal vulnerability in sendphoto.php in WihPhoto 0.86 allows remote attackers to read arbitrary files via .. specifiers in the album parameter, and the target filename in the pic parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by frog · textwebappsphp

https://www.exploit-db.com/exploits/22282

View Code ZIP pw:eip

References (4)

[Exploit, Patch] http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0092.html

[Third Party Advisory] http://www.iss.net/security_center/static/11429.php

[Exploit, Patch] http://www.securityfocus.com/archive/1/312966

[Exploit, Patch] http://www.securityfocus.com/bid/6929

Scores

EPSS 0.0647

EPSS Percentile 90.9%

Classification

Status draft

Affected Products (1)

wihphoto/wihphoto

Timeline

Published Dec 31, 2003

Tracked Since Feb 18, 2026