Directory traversal vulnerability in Mathopd 1.4.x and 1.5.x prior to 1.5p7, when configured with the * construct for mass virtual hosting, allows remote malicious users to read arbitrary files via a crafted Host header.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mathopd mathopd |
||
mathopd mathopd 1.5 |