Directory traversal vulnerability in sendcard.php in Sendcard 3.4.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sc_language parameter.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Sendcard |
Sendcard |
* |
3.4.1 |
References