Directory traversal vulnerability in v2demo/page.php in Jshop Server 1.x up to and including 2.x allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the xPage parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
whorl ltd jshop server 1 |
||
whorl ltd jshop server 2 |