Directory traversal vulnerability in index.php in Firewolf Technologies Synergiser 1.2 RC1 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the page parameter. NOTE: this can be leveraged to obtain the path by including a local PHP script with a duplicate function declaration.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
firewolf technologies synergiser |