CVE-2001-1334
PHPSlash 0.6.1 contains a vulnerability in Block_render_url.class that allows remote attackers with PHPSlash administrator privileges to read arbitrary files. By creating a block and specifying the target file as the source URL, an authenticated admin can exfiltrate local files. The CVE entry pro...