[VIM] Piwigo 'dl' Parameter Directory Traversal Vulnerability
Narayan Agarwalla
Narayan_Agarwalla at symantec.com
Tue Mar 5 05:46:00 CST 2013
Hi George,
BID 58016: Updated.
BID 58229: Retired as duplicate of 58016
Thanks and Regards,
Narayan
-----Original Message-----
From: vim-bounces at attrition.org [mailto:vim-bounces at attrition.org] On Behalf Of George Theall
Sent: Monday, March 04, 2013 6:09 PM
To: Vulnerability Information Managers
Subject: [VIM] Piwigo 'dl' Parameter Directory Traversal Vulnerability
There are two recent BIDs concerning a directory traversal vulnerability vulnerability addressed in 2.4.7 -- 58016, credited to Gjoko Krstic, and 58229, credited to HTBridge. According to http://piwigo.org/bugs/view.php?id=2843, the vulnerability was reported by HTBridge as well as Krstic.
Rob / Venkat / whoever : does SecurityFocus plan to retire one of these?
George
--
theall at tenable.com
More information about the VIM
mailing list