CVE 2013-1469
Directory traversal vulnerability in install.php in Piwigo before 2.4.7 allows remote attackers to read and delete arbitrary files via a .. (dot dot) in the dl parameter.
See the 
CVE page on Mitre.org
for more details.
Launchpad.net
References
- BUGTRAQ: 20130227 Multiple Vuln...
- EXPLOIT-DB: 24561
- MISC: http://packetstormsecu...
- MISC: http://www.zeroscience...
- MISC: https://www.htbridge.c...
- CONFIRM: http://piwigo.org/bugs...
- CONFIRM: http://piwigo.org/foru...
- CONFIRM: http://piwigo.org/rele...
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)