Description
Directory traversal vulnerability in htdocs/install/index.php in XOOPS 2.0.18 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin Simple Slideshow Manager Multiple Unspecified Vulnerabilities (2.1)
Apache 2.x version older than 2.2.8
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-10324)
WordPress Plugin Product Limited Time Availability Date for woocommerce Cross-Site Scripting (1.0.1)
Microsoft SQL Server CVE-2023-32028 Vulnerability (CVE-2023-32028)