index.php CuteNews 1.4.0 and previous versions allows remote malicious users to obtain the path of the installation path of the application by triggering an error message, such as by entering multiple ../ (dot dot slash) in the archive parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cutephp cutenews |