Описание
merchants/index.php in Post Affiliate Pro 2.0.4 and earlier, with magic_quotes_gpc disabled, allows remote attackers to include arbitrary local files via the md parameter, possibly due to a directory traversal vulnerability.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:post_affiliate_pro:post_affiliate_pro:2.0.4:*:*:*:*:*:*:*
EPSS
Процентиль: 63%
0.00457
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
merchants/index.php in Post Affiliate Pro 2.0.4 and earlier, with magic_quotes_gpc disabled, allows remote attackers to include arbitrary local files via the md parameter, possibly due to a directory traversal vulnerability.
EPSS
Процентиль: 63%
0.00457
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other