Vulnerabilities (CVE)

Filtered by vendor Scar4u Subscribe
Filtered by product Scarnews
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-1932 1 Scar4u 1 Scarnews 2024-02-28 7.5 HIGH N/A
Directory traversal vulnerability in scarnews.inc.php in ScarNews 1.2.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sn_admin_dir parameter.