osCMax Arbitrary File Upload and Full Path Information Disclosure Vulnerabilities

osCMax Arbitrary File Upload and Full Path Information Disclosure Vulnerabilities

An attacker can exploit these issues using a web browser.

The following example data and URI are available:

http://www.example.com/oxmax/ext/phpthumb/demo/phpThumb.demo.object.php

/data/vulnerabilities/exploits/64307.php.txt