Directory traversal vulnerability in SaveWebPortal 3.4 allows remote malicious users to include arbitrary files and execute arbitrary local PHP programs via ".." sequences in the (1) SITE_Path parameter to menu_dx.php or (2) CONTENTS_Dir parameter to menu_sx.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
savewebportal savewebportal 3.4 |