Multiple directory traversal vulnerabilities in OpenBiblio prior to 0.5.2 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in (1) the page parameter to shared/help.php or (2) the tab parameter to shared/header.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openbiblio openbiblio |
||
openbiblio openbiblio 0.1.0 |
||
openbiblio openbiblio 0.4.0 |
||
openbiblio openbiblio 0.5.0 |
||
openbiblio openbiblio 0.2.1 |
||
openbiblio openbiblio 0.3.0 |