Directory traversal vulnerability in login.php in the PunPortal module prior to 2.0 for PunBB allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the pun_user[language] parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
justin_roy punportal_module 1.0 |