2 matches found
CVE-2016-10759
The Xinha plugin in Precurio 2.1 allows Directory Traversal, with resultant arbitrary code execution, via ExtendedFileManager/Classes/ExtendedFileManager.php because ExtendedFileManager can be used to rename the .htaccess file that blocks .php uploads...
CVE-2016-10759
CVE-2016-10759 describes a path traversal vulnerability in Precurio 2.1 via the Xinha plugin. The flaw is in ExtendedFileManager/Classes/ExtendedFileManager.php, where ExtendedFileManager can be used to rename the .htaccess file that blocks PHP uploads, enabling directory traversal and resulting ...