Directory traversal vulnerability in story.pl in Interactive Story 1.3 allows a remote attacker to read arbitrary files via a .. (dot dot) attack on the next parameter.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Interactive_story |
Valerie_mates |
1.3 (including) |
1.3 (including) |
References