Path Traversal in admin/download.php in Chadha PHPKB Standard Multi-Language 9 allows remote malicious users to download files from the server using a dot-dot-slash sequence (../) via the GET parameter file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
chadhaajay phpkb 9.0 |