7 matches found
Yii2 allows attackers to execute any local .php file via a relative path in the view parameter
web\ViewAction in Yii aka Yii2 2.x before 2.0.5 allows attackers to execute any local .php file via a relative path in the view parameeter...