There is two path traversal vulnerability
jayus0821 opened this issue · 0 comments
jayus0821 commented
post_edit and page_edit.php
line99
$index_file = '../mc-files/posts/index/'.$post_state.'.php';
line102
$index_file = '../mc-files/pages/index/'.$post_state.'.php';
post_state is controllable and there is no filtering limit
We can use ../ to loop through all files
