Directory traversal vulnerability in chat.php in Sky GUNNING MySpeach 3.0.7 and previous versions allows remote malicious users to include arbitrary local files via a .. (dot dot) and trailing %00 (NULL) in a my_ms[root] cookie.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sky gunning myspeach 3.0.6 |
||
sky gunning myspeach 3.0.7 |
||
sky gunning myspeach 2.1_beta |
||
sky gunning myspeach 3.0.2 |