Directory traversal vulnerability in index.php in Multiple Time Sheets (MTS) 5.0 and earlier allows remote attackers to read arbitrary files via "../..//" (modified dot dot) sequences in the tab parameter.
References
Configurations
Information
Published : 2008-03-20 03:44
Updated : 2018-10-11 13:33
NVD link : CVE-2008-1415
Mitre link : CVE-2008-1415
JSON object : View
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Products Affected
riceball
- multiple_time_sheets