CVE-2022-23377
CVE-2022-23377 affects Archeevo below 5.0. The vulnerability is a local file inclusion (LFI) via the parameter file=~/web.config, enabling an attacker to retrieve local files. Root cause: insecure handling of file path leading to LFI. Impact stated in sources includes potential disclosure of loca...