Directory Traversal Vulnerability in uWSGI before 2.0.17

Directory Traversal Vulnerability in uWSGI before 2.0.17

CVE-2018-7490 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, allowing directory traversal.

Learn more about our Web Application Penetration Testing UK.