2 matches found
CVE-2020-13792
PlayTube 1.8 allows disclosure of user details via ajax.php?type=../admin-panel/autoload=manage-users directory traversal, aka local file inclusion...
CVE-2020-13792
PlayTube 1.8 is affected by a directory traversal/local file inclusion vulnerability that allows disclosure of user details via ajax.php?type=../admin-panel/autoload&page=manage-users. The issue is triggered by traversing the server file path to reach sensitive user information. The connected rec...