CVE-2024-39171 Information

Description

Directory Travel in PHPVibe v11.0.46 due to incomplete blacklist checksums and directory checks which can lead to code execution via writing specific statements to .htaccess and code to a file with a .png suffix.

Reference

http://phpvibe.com https://github.com/751897386/PHPVibe_vulnerability_Directory-Traversal