Directory traversal vulnerability in Chyrp 2.1 and previous versions allows remote malicious users to include and execute arbitrary local files via a ..%2F (encoded dot dot slash) in the action parameter to the default URI.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
chyrp chyrp |
||
chyrp chyrp 2.1 |
||
chyrp chyrp 2.0 |