PHP Scripts Mall Website Seller Script 2.0.5 allows full Path Disclosure via a request for an arbitrary image URL such as a .png file.
References
Link | Resource |
---|---|
https://gkaim.com/cve-2018-20631-vikas-chaudhary/ | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2019-03-21 09:00
Updated : 2019-03-25 10:37
NVD link : CVE-2018-20631
Mitre link : CVE-2018-20631
JSON object : View
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Products Affected
website_seller_script_project
- website_seller_script