Directory traversal vulnerability in the saveFeed function in rss/feedcreator.class.php in Bitweaver 2.6 and previous versions allows remote malicious users to create or overwrite arbitrary files via a .. (dot dot) in the version parameter to boards/boards_rss.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bitweaver bitweaver 2.0.0 |
||
bitweaver bitweaver 1.3.1 |
||
bitweaver bitweaver 1.3 |
||
bitweaver bitweaver 1.2.1 |
||
bitweaver bitweaver |
||
bitweaver bitweaver 1.1.1_beta |
||
bitweaver bitweaver 1.1 |
||
bitweaver bitweaver 2.5 |
||
bitweaver bitweaver 2.0.2 |