Because of these vulnerabilities, the attackers can obtain the installation path via a request to widget.php, functions.php, myCalendar.php, show_image.php, refreshDate.php, phpthumb/thumb_plugins/gd_reflection.inc.php or phpthumb/GdThumb.inc.php in includes/.
Update the plugin.
CPE | Name | Operator | Version |
---|---|---|---|
js multi hotel | le | 2.2.1 |