CVE-2009-1911

NONECVSS 0.0

0.0

Directory traversal vulnerability in .include/init.php (aka admin/_include/init.php) in QuiXplorer 2.3.2 and earlier, as used in TinyWebGallery (TWG) 1.7.6 and earlier, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter to admin/index.php.

🔗 References (14)

cve@mitrehttp://secunia.com/advisories/35020
cve@mitrehttp://secunia.com/advisories/35060
cve@mitrehttp://www.securityfocus.com/archive/1/503396/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/34892
cve@mitrehttp://www.tinywebgallery.com/forum/viewtopic.php?t=1653
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/50408
cve@mitrehttps://www.exploit-db.com/exploits/8649
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35020
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35060
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/503396/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34892
af854a3a-2127-422b-91ae-364da2661108http://www.tinywebgallery.com/forum/viewtopic.php?t=1653
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/50408
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/8649

Is Your Infrastructure Affected by CVE-2009-1911?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-1911

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-1911?