Directory traversal vulnerability in editconfig_gedcom.php for phpGedView 2.65.1 and previous versions allows remote malicious users to read arbitrary files or execute arbitrary PHP programs on the server via .. (dot dot) sequences in the gedcom_config parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpgedview phpgedview 2.65 |
||
phpgedview phpgedview 2.65.1 |
||
phpgedview phpgedview 2.61 |
||
phpgedview phpgedview 2.61.1 |
||
phpgedview phpgedview 2.52.3 |
||
phpgedview phpgedview 2.60 |