Description
Directory traversal vulnerability in htdocs/install/index.php in XOOPS 2.0.18 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the lang parameter.
Remediation
References
Related Vulnerabilities
ownCloud CVE-2022-43679 Vulnerability (CVE-2022-43679)
Microsoft SQL Server Other Vulnerability (CVE-2002-0721)
WordPress Plugin Data Tables Generator by Supsystic Cross-Site Scripting (1.10.19)
WordPress Plugin PDF Embedder Security Bypass (4.4)
WordPress Plugin Nextend Twitter Connect Cross-Site Scripting (1.5.1)