Multiple directory traversal vulnerabilities in nweb2fax 0.2.7 and previous versions allow remote malicious users to read arbitrary files via a .. (dot dot) in the (1) id parameter to comm.php and (2) var_filename parameter to viewrq.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dirk bartley nweb2fax 0.2 |
||
dirk bartley nweb2fax |