Directory traversal vulnerability in Drummond Miles A1Stats before 1.6 allows a remote malicious user to read arbitrary files via a '..' (dot dot) attack in (1) a1disp2.cgi, (2) a1disp3.cgi, or (3) a1disp4.cgi.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
drummond miles a1stats |
||
drummond miles a1stats 1.0 |