Description
Directory traversal vulnerability in class2.php in e107 0.7.5 and earlier allows remote attackers to read and execute PHP code in arbitrary files via ".." sequences in the e107language_e107cookie cookie to gsitemap.php.
Remediation
References
Related Vulnerabilities
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.20)
WordPress Plugin Cookie Information-Free GDPR Consent Solution Privilege Escalation (1.4.2)
WordPress Plugin Page-list Cross-Site Scripting (5.2)
Python Integer Overflow or Wraparound Vulnerability (CVE-2016-5636)
Apache Tomcat Improper Handling of Exceptional Conditions Vulnerability (CVE-2017-5664)