Directory traversal vulnerability in wordtube-button.php in the wordTube 1.43 and previous versions plugin for WordPress, when register_globals is enabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the wpPATH parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ruben boelinger wordtube |