Description
Directory traversal vulnerability in editor_registry.php in XOOPS 2.2.3 allows remote attackers to read or include arbitrary local files via a .. (dot dot) in the xoopsConfig[language] parameter.
Remediation
References
Related Vulnerabilities
IBM WebSEAL Improper Restriction of XML External Entity Reference Vulnerability (CVE-2019-4707)
PHP Resource Management Errors Vulnerability (CVE-2011-1657)
MySQL CVE-2015-0391 Vulnerability (CVE-2015-0391)
WordPress Plugin WP Visitor Statistics (Real Time Traffic) SQL Injection (5.7)
Apache HTTP Server Resource Management Errors Vulnerability (CVE-2014-0231)