RSS   Vulnerabilities for 'Advanced dewplayer'   RSS

2014-01-03
 
CVE-2013-7240

CWE-22
 

 
Directory traversal vulnerability in download-file.php in the Advanced Dewplayer plugin 1.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the dew_file parameter.

 


Copyright 2017, cxsecurity.com

 

Back to Top