N/A

Multiple directory traversal vulnerabilities in SiteX 0.7.4 Build 418 and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the THEME_FOLDER parameter to (1) Corporate/homepage.php, (2) Fusion/homepage.php, (3) Joombo/homepage.php, (4) Streamline/homepage.php, and (5) Structure/homepage.php in themes/.

N/A

N/A

bjsintay sitex 多个目录遍历漏洞

SiteX 0.7.4 Build 418版本及其早期版本中存在多个目录遍历漏洞。远程攻击者可以借助对(1)Corporate/homepage.php,(2)Fusion/homepage.php,(3)Joombo/homepage.php,(4)Streamline/homepage.php,以及(5)themes/中的Structure/homepage.php的THEME_FOLDER参数中的一个..，包含和允许任意本地文件。

N/A

N/A