1 matches found
Directory traversal
Directory traversal vulnerability in chat.php in Sky GUNNING MySpeach 3.0.7 and earlier allows remote attackers to include arbitrary local files via a .. dot dot and trailing %00 NULL in a mymsroot cookie...