Directory traversal vulnerability in index.php in Thepeak File Upload Manager 1.3 allows remote malicious users to read or download arbitrary files via a base64-encoded file path containing a .. (dot dot) sequence in the file parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
thepeak thepeak file upload manager 1.3 |