[VIM] Piwigo 'dl' Parameter Directory Traversal Vulnerability

George Theall gtheall at tenable.com
Mon Mar 4 06:39:09 CST 2013


There are two recent BIDs concerning a directory traversal vulnerability vulnerability addressed in 2.4.7 -- 58016, credited to Gjoko Krstic, and 58229, credited to HTBridge. According to http://piwigo.org/bugs/view.php?id=2843, the vulnerability was reported by HTBridge as well as Krstic. 

Rob / Venkat / whoever : does SecurityFocus plan to retire one of these?


George
-- 
theall at tenable.com



More information about the VIM mailing list