CVE-2006-4169 in Gpg Plugin信息

摘要 (英语)

Multiple directory traversal vulnerabilities in the G/PGP (GPG) Plugin 2.0, and 2.1dev before 20070614, for Squirrelmail allow remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the help parameter to (1) gpg_help.php or (2) gpg_help_base.php.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

预定

2006-08-16

披露

2007-07-15

状态

已确认

条目

VulDB provides additional information and datapoints for this CVE:

标识符	漏洞	CWE	可利用	对策	CVE
37804	Squirrelmail Gpg Plugin Help 目录遍历	22	概念验证	官方修复	CVE-2006-4169

描述

CPE

CWE

CVSS

漏洞利用

历史

差异

连接

威胁情报

API JSON

API XML

API CSV

来源

MITRE
NVD
CVE Details

◂ 上一步一览下一步 ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!