0.003 Low
EPSS
Percentile
71.8%
reportico-web/reportico is vulnerable to directory traversal attacks. Using the xmlin parameter and .. attackers can read files outside of the intended directory.
xmlin
..
packetstormsecurity.com/files/127280/Reportico-Admin-Credential-Leak.html
seclists.org/fulldisclosure/2014/Jun/144
www.osvdb.org/108612
www.secveritas.com/secv-05-1402.html