QwikSec

Security Database

CVE

CWE

Training

CVE-2018-1000882

Published: Dec 20, 2018

Modified: Sep 17, 2024

PUBLISHED

Description

WeBid version up to current version 1.2.2 contains a Directory Traversal vulnerability in getthumb.php that can result in Arbitrary Image File Read. This attack appear to be exploitable via HTTP GET Request. This vulnerability appears to have been fixed in after commit 256a5f9d3eafbc477dcf77c7682446cc4b449c7f.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://telekomsecurity.github.io/assets/advisories/20181108_WeBid_Multiple_Vulnerabilities.txt

x_refsource_MISC

http://bugs.webidsupport.com/view.php?id=646

x_refsource_MISC

https://github.com/renlok/WeBid/commit/256a5f9d3eafbc477dcf77c7682446cc4b449c7f

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.