CVE-2003-1239

Name of the Vulnerable Software and Affected Versions WihPhoto version 0.86

Description A directory traversal issue exists, allowing remote attackers to read arbitrary files. This is achieved by using .. specifiers in the album parameter and specifying the target filename in the pic parameter.

Recommendations For WihPhoto version 0.86, consider restricting access to the sendphoto.php file until a patch is available. As a temporary workaround, avoid using the album and pic parameters in the sendphoto.php file to minimize the risk of exploitation.