Directory traversal vulnerability in upload/force_download.php in Zomplog 3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Zomplog |
Zomplog |
3.8 (including) |
3.8 (including) |
References