Directory traversal vulnerability in index.php in LokiCMS 0.3.4 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to check for the existence of arbitrary files via a .. (dot dot) in the page parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lokicms lokicms 0.1.0rc1 |
||
lokicms lokicms 0.3.0 |
||
lokicms lokicms 0.3.2b1 |
||
lokicms lokicms 0.3.1b2 |
||
lokicms lokicms |
||
lokicms lokicms 0.2.0 |
||
lokicms lokicms 0.1.0 |
||
lokicms lokicms 0.3.1b1 |
||
lokicms lokicms 0.3.3 |