Description
Directory traversal vulnerability in zen/template-functions.php in zenphoto 1.0.4 up to 1.0.6 allows remote attackers to list arbitrary directories via ".." sequences in the album parameter to index.php.
Remediation
References
Related Vulnerabilities
Oracle HTTP Server CVE-2016-3482 Vulnerability (CVE-2016-3482)
PHP HTML entity encoder heap overflow vulnerability
WordPress 5.7.x Multiple Vulnerabilities (5.7 - 5.7.9)
WordPress Plugin Rating-Widget:Star Review System Cross-Site Scripting (2.8.8)
WordPress Plugin HUSKY-Products Filter Professional for WooCommerce SQL Injection (1.3.6)