CVE-2017-12761

CVE-2017-12761

http://codecanyon.net/user/Endober WebFile Explorer 1.0 is affected by: SQL Injection. The impact is: Arbitrary File Download (remote). The component is: $file = $_GET[‘id’] in download.php. The attack vector is: http://speicher.example.com/envato/codecanyon/demo/web-file-explorer/download.php?id=WebExplorer/../config.php.

Source: CVE-2017-12761

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다