New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Arbitrary file read #345
Comments
|
Thanks! This should be fixed in all the current development branches for the next releases. |
|
CVE-2018-17341 has been assigned for this vulnerability. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
when we use "Advanced" or "Simple Rewrite" routing
in launch.php line 28-42
althouch
..has been baned,we can use..\..\..\..\bypass in windowsand the we can control the path in core\admin\router.php line 26
and we do not need Authenticated
in launch.php line 55
if count($bigtree["path"]>=count($parts_of_admin) we can bypass Authenticated
payload:
The text was updated successfully, but these errors were encountered: