Directory traversal vulnerability in index.php in BNCwi 1.04 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the newlanguage parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bncwi bncwi |
||
bncwi bncwi 1.03 |