Zend » Zend Platform : Security Vulnerabilities, CVEs, (Directory traversal)
Directory traversal vulnerability in Zend Platform 2.2.1 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in the final component of the PHP session identifier (PHPSESSID). NOTE: in some cases, this issue can be leveraged to perform direct static code injection.
Max CVSS
7.5
EPSS Score
0.51%
Published
2006-08-29
Updated
2018-10-17
1 vulnerabilities found