Arbitrary File Retrieval Vulnerability in PhpNewsManager 1.46

Arbitrary File Retrieval Vulnerability in PhpNewsManager 1.46

CVE-2004-0327 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Directory traversal vulnerability in functions.php in PhpNewsManager 1.46 allows remote attackers to retrieve arbitrary files via .. (dot dot) sequences in the clang parameter.

Learn more about our Web Application Penetration Testing UK.