Block_render_url.class in PHPSlash 0.6.1 allows remote...
Moderate severity
Unreviewed
Published
Apr 30, 2022
to the GitHub Advisory Database
•
Updated Jan 30, 2023
Description
Published by the National Vulnerability Database
May 19, 2002
Published to the GitHub Advisory Database
Apr 30, 2022
Last updated
Jan 30, 2023
Block_render_url.class in PHPSlash 0.6.1 allows remote attackers with PHPSlash administrator privileges to read arbitrary files by creating a block and specifying the target file as the source URL.
References