Directory traversal vulnerability in highlight.php in bcoos 1.0.9 up to and including 1.0.13 allows remote malicious users to read arbitrary files via (1) .. (dot dot) or (2) C: folder sequences in the file parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bcoos bcoos 1.0.12 |
||
bcoos bcoos 1.0.13 |
||
bcoos bcoos 1.0.9 |
||
bcoos bcoos 1.0.10 |
||
bcoos bcoos 1.0.11 |