CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2009-2931
https://notcve.org/view.php?id=CVE-2009-2931
Directory traversal vulnerability in p.php in SlideShowPro Director 1.1 through 1.3.8 allows remote attackers to read arbitrary files via directory traversal sequences in the a parameter. Vulnerabilidad de salto de directorio en p.php en SlideShowPro Director 1.1 a 1.3.8 permite a atacantes remotos leer ficheros de su elección a través de secuencias de salto de directorio en el parámetro "a". • http://secunia.com/advisories/36197 http://slideshowpro.net/news/archive/2009/07/director-139-fi.php http://www.clearskies.net/documents/css-advisory-css09001-sspdirector.pdf http://www.osvdb.org/56825 http://www.securityfocus.com/archive/1/505534/100/0/threaded • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •