Directory traversal vulnerability in website.php in openEngine 1.8 Beta 2 and previous versions allows remote malicious users to list arbitrary directories and read arbitrary files via a .. (dot dot) in the template parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openengine openengine 1.7.1 |
||
openengine openengine 1.8_beta2 |