Directory Traversal Vulnerability in QuiXplorer Affecting TinyWebGallery
CVE-2009-1911

Currently unrated

Key Information:

Vendor

Tinywebgallery

Status
Tinywebgallery
Vendor
CVE Published:
4 June 2009

What is CVE-2009-1911?

A directory traversal vulnerability exists in QuiXplorer versions up to 2.3.2, allowing attackers to exploit the lang parameter in admin/index.php. By manipulating the parameter to include a '..' (dot dot), remote attackers can gain access to and execute arbitrary local files, posing a significant risk to the security of systems using the affected software.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/35060
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/archive/1/503396/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://secunia.com/advisories/35020
third-party-advisoryx_refsource_SECUNIA

EPSS Score

9% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.