VULHUB ™

It is reported that Simple PHP Blog is susceptible to two remote directory traversal vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied input data. The first vulnerability reportedly allows remote attackers to retrieve the contents of arbitrary, potentially sensitive files located on the serving computer with the credentials of the affected server process. The second vulnerability reportedly allows remote attackers to create directories in arbitrary locations on the serving computer with the credentials of the affected server process. These vulnerabilities are reported to exist in version 0.3.7c of Simple PHP Blog. Other versions may also be affected.

It is reported that Simple PHP Blog is susceptible to two remote directory traversal vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied input data. The first vulnerability reportedly allows remote attackers to retrieve the contents of arbitrary, potentially sensitive files located on the serving computer with the credentials of the affected server process. The second vulnerability reportedly allows remote attackers to create directories in arbitrary locations on the serving computer with the credentials of the affected server process. These vulnerabilities are reported to exist in version 0.3.7c of Simple PHP Blog. Other versions may also be affected.