Description
Directory traversal vulnerability in delivery-dev/al.php in Revive Adserver before 3.2.2 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the layerstyle parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin WPZOOM Portfolio Cross-Site Scripting (1.2.1)
e107 Other Vulnerability (CVE-2010-0996)
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2016-7052)
WordPress Plugin JetWidgets For Elementor Multiple Cross-Site Scripting Vulnerabilities (1.0.8)
Squid Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-12529)