[VIM] Piwigo 'dl' Parameter Directory Traversal Vulnerability
gtheall at tenable.com
Mon Mar 4 06:39:09 CST 2013
There are two recent BIDs concerning a directory traversal vulnerability vulnerability addressed in 2.4.7 -- 58016, credited to Gjoko Krstic, and 58229, credited to HTBridge. According to http://piwigo.org/bugs/view.php?id=2843, the vulnerability was reported by HTBridge as well as Krstic.
Rob / Venkat / whoever : does SecurityFocus plan to retire one of these?
theall at tenable.com
More information about the VIM