classes/Url.php in Justin Hagstrom AutoIndex PHP Script prior to 2.2.4 allows remote malicious users to cause a denial of service (CPU and memory consumption) via a %00 sequence in the dir parameter to index.php, which triggers an erroneous "recursive calculation."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
justin hagstrom autoindex php script 2.0.4 |
||
justin hagstrom autoindex php script 2.0.5 |
||
justin hagstrom autoindex php script 2.2.1 |
||
justin hagstrom autoindex php script 2.2.2 |
||
justin hagstrom autoindex php script 2.0.0 |
||
justin hagstrom autoindex php script 2.0.1 |
||
justin hagstrom autoindex php script 2.1.0 |
||
justin hagstrom autoindex php script 2.1.1 |
||
justin hagstrom autoindex php script 2.0.6 |
||
justin hagstrom autoindex php script 2.0.7 |
||
justin hagstrom autoindex php script 2.2.3 |
||
justin hagstrom autoindex php script 2.0.2 |
||
justin hagstrom autoindex php script 2.0.3 |
||
justin hagstrom autoindex php script 2.1.2 |
||
justin hagstrom autoindex php script 2.2.0 |