Directory traversal vulnerability in help/index.php in X7 Chat 2.0 and previous versions allows remote malicious users to include arbitrary files via .. (dot dot) sequences in the help_file parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
x7 group x7 chat 1.3.2b |
||
x7 group x7 chat 1.3.3b |
||
x7 group x7 chat 1.3.4b |
||
x7 group x7 chat 1.3.5b |
||
x7 group x7 chat 1.3.6 |
||
x7 group x7 chat 2.0 |