LightNEasy "no database" (aka flat) version 1.2.2, and possibly SQLite version 1.2.2, allows remote malicious users to create arbitrary files via the page parameter to (1) index.php and (2) LightNEasy.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lightneasy lightneasy 1.2.2 |