Description
thumbsup.php in Thumbs-Up 1.12, as used in LightNEasy "no database" (aka flat) and SQLite 1.2.2 and earlier, allows remote attackers to copy, rename, and read arbitrary files via directory traversal sequences in the image parameter with a modified cache_dir parameter containing a %00 (encoded null byte).
Exploits (1)
References (6)
http://www.securityfocus.com/bid/28801 (Third Party Advisory, VDB Entry; vdb-entry; x_refsource_bid)
http://www.securityfocus.com/archive/1/491064/100/0/threaded (Third Party Advisory, VDB Entry; mailing-list; x_refsource_bugtraq)
http://www.osvdb.org/44674 (Exploit; vdb-entry; x_refsource_osvdb)
http://secunia.com/advisories/29833 (Vendor Advisory; third-party-advisory; x_refsource_secunia)
https://www.exploit-db.com/exploits/5452 (Exploit, Third Party Advisory; exploit; x_refsource_exploit-db)
https://exchange.xforce.ibmcloud.com/vulnerabilities/49851 (Third Party Advisory, VDB Entry; vdb-entry; x_refsource_xf)
Scores
EPSS: 0.0558
EPSS Percentile: 90.3%
Details
CWE: CWE-22
Status: published
Products (2):
lightneasy/lightneasy 1.2.2
sqlite/sqlite 1.2.2
Published: Apr 03, 2009
Tracked Since: Feb 18, 2026