CVE-2009-1407
NONE EPSS 76.9%
Published Apr 24, 200917y ago · Modified Jun 16, 20262w ago
Published Apr 24, 2009 17y ago
Last Modified Jun 16, 2026 2w ago
Description
Directory traversal vulnerability in config.php in NotFTP 1.3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a certain languages[][file] parameter.
Threat Intelligence
EPSS Exploit Probability
76.9% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 1
CWE-22 Path Traversal Resource Mgmt
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| wonko | notftp | 1.3.1 | any |
References 3
- securityfocus.com http://www.securityfocus.com/bid/34636
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/49988
- exploit-db.com https://www.exploit-db.com/exploits/8504
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.