The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows (by design) an authenticated malicious user to read arbitrary files from the filesystem by specifying the file path.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
unit4 mik.starlight 7.9.5.24363 |