Description
Directory traversal vulnerability in sendphoto.php in WihPhoto 0.86 allows remote attackers to read arbitrary files via .. specifiers in the album parameter, and the target filename in the pic parameter.
Exploits (1)
References (4)
Core 4
Core References
Exploit, Patch mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/312966
Exploit, Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/6929
Exploit, Patch mailing-list
x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0092.html
Third Party Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/11429.php
Scores
EPSS
0.0647
EPSS Percentile
91.1%
Details
Status
published
Products (1)
wihphoto/wihphoto
0.86
Published
Dec 31, 2003
Tracked Since
Feb 18, 2026