Directory traversal vulnerability in index.php in Pritlog 0.4 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the filename parameter in a viewEntry action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hardkap pritlog |
||
hardkap pritlog 0.3 |
||
hardkap pritlog 0.2 |