Directory traversal vulnerability in index.php in KorWeblog 1.6.2-cvs and previous versions allows remote malicious users to read arbitrary files and execute arbitrary PHP files via .. (dot dot) sequences in the lng parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
korweblog korweblog 1.6.1 |
||
korweblog korweblog 1.6.2cvs |