Arbitrary File Read Vulnerability in QingDao Nature Easy Soft Chanzhi Enterprise Portal System (aka chanzhieps) pro1.6

Arbitrary File Read Vulnerability in QingDao Nature Easy Soft Chanzhi Enterprise Portal System (aka chanzhieps) pro1.6

CVE-2018-10122 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

QingDao Nature Easy Soft Chanzhi Enterprise Portal System (aka chanzhieps) pro1.6 allows remote attackers to read arbitrary files via directory traversal sequences in the pathname parameter to www/file.php.

Learn more about our Web Application Penetration Testing UK.