Directory traversal vulnerability in frame.php in phpcrs 2.06 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the importFunction parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpcrs phpcrs 2.05 |
||
phpcrs phpcrs 2.04 |
||
phpcrs phpcrs 2.01 |
||
phpcrs phpcrs 2.00 |
||
phpcrs phpcrs 2.03 |
||
phpcrs phpcrs 2.02 |
||
phpcrs phpcrs 1.01 |
||
phpcrs phpcrs |