Arbitrary File Inclusion Vulnerability in OrangeHRM 2.6.0.1

Arbitrary File Inclusion Vulnerability in OrangeHRM 2.6.0.1

CVE-2010-4798 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Directory traversal vulnerability in index.php in OrangeHRM 2.6.0.1 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the uri parameter.

Learn more about our Web Application Penetration Testing UK.