Directory traversal vulnerability in help.php in phpWebThings 1.5.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a … (dot dot) in the module parameter.
CPE | Name | Operator | Version |
---|---|---|---|
phpwebthings | eq | 0.1 | |
phpwebthings | eq | 0.2 | |
phpwebthings | eq | 0.4 | |
phpwebthings | eq | 1.5.1 | |
phpwebthings | eq | 0.4.1 | |
phpwebthings | eq | 1.0 | |
phpwebthings | le | 1.5.2 | |
phpwebthings | eq | 0.2.98 | |
phpwebthings | eq | 1.5.0 | |
phpwebthings | eq | 1.1.97 |