Directory traversal vulnerability in admin.php in Potato News 1.0.0 allows remote malicious users to include and execute arbitrary files via a .. (dot dot) in the user cookie parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
potato-scripts potato news 1.0.0 |