PHP remote file inclusion vulnerability in visualizza.php in Way Of The Warrior (WOTW) 5.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the plancia parameter to crea.php.
7.8AI Score
0.008EPSS
Directory traversal vulnerability in visualizza.php in Way Of The Warrior (WOTW) 5.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the plancia parameter.
6.9AI Score
0.004EPSS