CVE-2013-5979

The CVE-2013-5979 issue affects Spring Signage Xibo 1.2.x (pre-1.2.3) and 1.4.x (pre-1.4.2). A directory traversal flaw allows remote attackers to read arbitrary files by supplying a .. in the p parameter to index.php. Impact: potential exposure of sensitive server files. Root cause: insufficient...