Description
Absolute path traversal vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2.0 allows remote attackers to list arbitrary directories and read arbitrary files via a full pathname in the file parameter.
References (2)
Core 2
Core References
Exploit x_refsource_misc
http://packetstormsecurity.org/0812-exploits/phpcksec-xssdisclose.txt
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/47426
Scores
EPSS
0.0132
EPSS Percentile
67.4%
Details
CWE
CWE-22
Status
published
Products (1)
ott/phpcksec
0.2
Published
Apr 06, 2009
Tracked Since
Feb 18, 2026