Description

Directory traversal vulnerability in install.php in FluxBB before 1.5.8 allows remote attackers to include and execute arbitrary local install.php files via a .. (dot dot) in the install_lang parameter.

Remediation

References

CVE-2014-9574

Related Vulnerabilities

WordPress Plugin Visual Composer:Page Builder for WordPress Multiple Cross-Site Scripting Vulnerabilities (4.7.3)

Oracle Database Server CVE-2014-6560 Vulnerability (CVE-2014-6560)

ReviveAdserver Other Vulnerability (CVE-2014-8875)

PHP Other Vulnerability (CVE-2007-1521)

WordPress Plugin CopySafe Web Protection Cross-Site Request Forgery (2.5)

Severity

Critical

Classification

CVE-2014-9574 CWE-22

Tags

Missing Update Known Vulnerabilities