Arbitrary File Inclusion Vulnerabilities in Magnifica Webscripts Anima Gallery 2.6

CVE-2015-4415 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Multiple directory traversal vulnerabilities in func.php in Magnifica Webscripts Anima Gallery 2.6 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) theme or (2) lang cookie parameter to AnimaGallery/.

Learn more about our Web App Pen Testing.