HomePentest-Tools.com Logo

Chyrp Multiple Directory Traversal Vulnerabilities CVE-2011-2780CVE-2011-2744

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

Chyrp is prone to Multiple directory traversal vulnerabilities.

Risk description

Multiple flaws are due to improper validation of user supplied input to file parameter in includes/lib/gz.php and action parameter in index.php before being used to include files. Successful exploitation will allow the attackers to read arbitrary files and gain sensitive information on the affected application.

Recommendation

Upgrade to Chyrp version 2.1.1

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jul 19, 2011
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available