Multiple directory traversal vulnerabilities in Jax Petition Book 1.0.3.06 allow remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the languagepack parameter to (1) jax_petitionbook.php or (2) smileys.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jax scripts jax petition book 1.0.3.06 |