Absolute path traversal vulnerability in include.php in PHPKIT 1.6.1 Release 2 and previous versions allows remote malicious users to include and execute arbitrary local files via a direct request with a path parameter with a null character and beginning with (1) '/' (slash) for an absolute pathname or (2) a drive letter (such as "C:"), which bypasses checks for ".." sequences and trailing ".php" extensions.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpkit phpkit |