Directory traversal vulnerability in check_vote.php in Weekly Drawing Contest 0.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the order parameter. NOTE: another researcher disputes this vulnerability, noting that the order variable is not used in any context that allows opening files
References
Configurations
History
07 Nov 2023, 02:00
Type | Values Removed | Values Added |
---|---|---|
Summary | Directory traversal vulnerability in check_vote.php in Weekly Drawing Contest 0.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the order parameter. NOTE: another researcher disputes this vulnerability, noting that the order variable is not used in any context that allows opening files |
Information
Published : 2007-03-22 23:19
Updated : 2024-08-07 13:15
NVD link : CVE-2007-1601
Mitre link : CVE-2007-1601
CVE.ORG link : CVE-2007-1601
JSON object : View
Products Affected
weekly_drawing_contest
- weekly_drawing_contest
CWE