eCardMAX HotEditor Keyboard.PHP Local File Include Vulnerability

eCardMAX HotEditor is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.

Exploiting this issue may allow an unauthorized user to view files and execute local scripts.

HotEditor 4.0 is vulnerable; other versions may also be affected. This issue also affects versions that may be integrated into phpBB2, MyBB, Simple Machine Forum, and PunBB Forum.


Privacy Statement
Copyright 2010, SecurityFocus