A path traversal via the iniFile parameter in excel.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated malicious user to download arbitrary files from the host machine.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
blaauwproducts remote kiln control |
||
blaauwproducts remote kiln control 3.0.0 |