Description
In Hiawatha before 10.8.4, a remote attacker is able to do directory traversal if AllowDotFiles is enabled.
Remediation
References
Related Vulnerabilities
WordPress Plugin MM Forms Community 'doajaxfileupload.php' Arbitrary File Upload (2.2.6)
WordPress 4.5.x Cross-Site Scripting Vulnerability (4.5 - 4.5.1)
PrestaShop Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-4545)
WordPress Plugin Form Vibes-Database Manager for Forms SQL Injection (1.4.10)