RSS   Vulnerabilities for 'ZWII'   RSS

2011-01-20
 
CVE-2011-0505

CWE-22
 

 
Directory traversal vulnerability in system/system.php in Zwii 2.1.1, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the set[template][value] parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top