Directory traversal vulnerability in archives.php in Xpression News (X-News) 1.0.1 allows remote attackers to include arbitrary files or obtain sensitive information via a … (dot dot) in the xnews-template parameter.
CPE | Name | Operator | Version |
---|---|---|---|
xpression_news | eq | 1.0.1 |