EmpireCMS 6.6 allows remote malicious users to discover the full path via an array value for a parameter to admin/tool/ShowPic.php.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
dedecms dedecms 5.7 |
||
phome empirecms 6.6 |
||
phome empirecms 7.0 |
||
phome empirecms 7.2 |
Vulmon