Multiple directory traversal vulnerabilities in LoveCMS 1.4 allow remote malicious users to read arbitrary files via a .. (dot dot) in (1) the step parameter to install/index.php or (2) the load parameter to the top-level URI.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lovecms lovecms 1.4 |