attachment.php in Headstart Solutions DeskPRO allows remote malicious users to read all uploaded files by providing the file number in a modified id parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
headstart solutions deskpro 2.0.0 |
||
headstart solutions deskpro 2.0.1 |