Directory traversal vulnerability in archives.php in Xpression News (X-News) 1.0.1 allows remote malicious users to include arbitrary files or obtain sensitive information via a .. (dot dot) in the xnews-template parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
xpression news xpression news 1.0.1 |