CVE-2018-1000882
N/A
N/A
Summary
WeBid version up to current version 1.2.2 contains a Directory Traversal vulnerability in getthumb.php that can result in Arbitrary Image File Read. This attack appear to be exploitable via HTTP GET Request. This vulnerability appears to have been fixed in after commit 256a5f9d3eafbc477dcf77c7682446cc4b449c7f.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt
- http://bugs.webidsupport.com/view.php?id=646
- https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f
References
- https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt
- http://bugs.webidsupport.com/view.php?id=646
- https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.