The function down_sql_action() in /admin/model/database.class.php in PHPYun 4.6 allows remote malicious users to read arbitrary files via directory traversal in an m=database&c=down_sql&name=../ URI.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpyun phpyun 4.6 |