Description
Insufficient sanitizing in backup resulted in an arbitrary file read risk. The capability to access this feature is only available to teachers, managers and admins by default.
Remediation
References
Related Vulnerabilities
Django Resource Management Errors Vulnerability (CVE-2014-0474)
MySQL Improper Privilege Management Vulnerability (CVE-2017-3257)
WordPress Plugin Quick Event Manager Multiple Vulnerabilities (9.7.4)
WordPress Plugin Fancy Product Designer-WooCommerce SQL Injection (4.7.4)
WordPress Plugin VikBooking Hotel Booking Engine & PMS Multiple Vulnerabilities (1.5.3)