First published: Tue Apr 10 2007(Updated: )
Directory traversal vulnerability in richedit/keyboard.php in eCardMAX HotEditor (Hot Editor) 4.0, and the HotEditor plugin for MyBB, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the first parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Ecardmax.com Hot Editor | =4.0 | |
Mybb Mybb Hot Editor Plugin |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.