Path traversal

An Authenticated Remote Code Exection RCE vulnerability exists in Xerte through 3.9 in websitecode/php/import/fileupload.php by uploading a maliciously crafted PHP file though the project interface disguised as a language file to bypasses the upload filters. Attackers can manipulate the files...

Xerte 代码问题漏洞

Xerte is an open source software from The Xerte Project community in the UK. Xerte is vulnerable to a code issue where a maliciously crafted php file can be uploaded via a project interface disguised as a language file to bypass upload filters. An attacker could exploit the vulnerability to...