Some time ago released this system to traverse a directory problem. Feedback after the official has been amended.
Today stumbled upon a new version of the Yothshop Mall system, can be found in
Database inserted into a word, and a successful connection. Affect all versions.
Official website: http://www.yoth.net
Demo: the http://cms.yoth.net
Proof:
Message to write on Word, then chopper connection:
http://xxx/0gucci/%23da%23%ta23%/23�_23�ta23%23%.asa
Fix:
Filtering, renaming, database anti download.
A vulnerability has been feedback official technician. Please upgrade to the latest version.
inurl:Tags/pro_cont. asp? id=