Arbitrary File Read Vulnerability in PHPSlash 0.6.1

Arbitrary File Read Vulnerability in PHPSlash 0.6.1

CVE-2001-1334 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Block_render_url.class in PHPSlash 0.6.1 allows remote attackers with PHPSlash administrator privileges to read arbitrary files by creating a block and specifying the target file as the source URL.

Learn more about our Web Application Penetration Testing UK.