Multiple directory traversal vulnerabilities in Pligg 9.9 and previous versions allow remote malicious users to (1) determine the existence of arbitrary files via a .. (dot dot) in the $tb_url variable in trackback.php, or (2) include arbitrary files via a .. (dot dot) in the template parameter to settemplate.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pligg pligg cms 9.5 |
||
pligg pligg cms |