CVE-2024-39171 | THREATINT

Description

Directory Travel in PHPVibe v11.0.46 due to incomplete blacklist checksums and directory checks, which can lead to code execution via writing specific statements to .htaccess and code to a file with a .png suffix.

PUBLISHED Reserved 2024-06-21 | Published 2024-07-09 | Updated 2024-08-02 | Assigner mitre

References

phpvibe.com

github.com/...7386/PHPVibe_vulnerability_Directory-Traversal

phpvibe.com

github.com/...7386/PHPVibe_vulnerability_Directory-Traversal

cve.org (CVE-2024-39171)

nvd.nist.gov (CVE-2024-39171)

Download JSON