Description
Directory traversal vulnerability in test.php in PHP Weather 2.2.2 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the language parameter.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by ahmadbady · textwebappsphp
https://www.exploit-db.com/exploits/7451
References (4)
Core 4
Core References
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/4826
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/32820
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/33098
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/7451
Scores
EPSS
0.0383
EPSS Percentile
88.2%
Details
CWE
CWE-22
Status
published
Products (1)
phpweather/phpweather
2.2.2
Published
Dec 30, 2008
Tracked Since
Feb 18, 2026