Multiple directory traversal vulnerabilities in phpTrafficA 1.4.1, and possibly earlier, allow remote malicious users to include arbitrary local files via a .. (dot dot) in the (1) file parameter to plotStat.php and the (2) lang parameter to banref.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phptraffica phptraffica 1.4.1 |