Directory traversal vulnerability in DeWeS web server 0.4.2 and possibly earlier, as used in Twilight CMS, allows remote malicious users to read arbitrary files via a ..%5c (dot dot encoded backslash) in a GET request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
twilightcms twilight cms 5.17 |