Directory traversal vulnerability in zen/template-functions.php in zenphoto 1.0.4 up to 1.0.6 allows remote malicious users to list arbitrary directories via ".." sequences in the album parameter to index.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zenphoto zenphoto 1.0.6 |
||
zenphoto zenphoto 1.0.4 |
||
zenphoto zenphoto 1.0.5 |