Absolute path traversal vulnerability in dload.php in the my_gallery 2.3 plugin for e107 allows remote malicious users to obtain sensitive information via a full pathname in the file parameter. NOTE: some of these details are obtained from third party information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
e107 my_gallery 2.3 |