Directory traversal vulnerability in scarnews.inc.php in ScarNews 1.2.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the sn_admin_dir parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
scar4u scarnews 1.2.1 |