Directory traversal vulnerability in index.php in Multiple Time Sheets (MTS) 5.0 and previous versions allows remote malicious users to read arbitrary files via "../..//" (modified dot dot) sequences in the tab parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
riceball multiple time sheets 5.0 |