SSCHADV2011-034 - osCSS2 "_ID" parameter Local file inclusion
Advisory:
|
osCSS2 "_ID" parameter Local file inclusion
|
Advisory ID:
|
SSCHADV2011-034
|
Author:
|
Stefan Schurtz
|
Affected Software:
|
Successfully tested on osCSS2 2.1.0 (latest version)
|
Vendor URL:
|
|
Vendor Status:
|
Fixed in svn branche 2.1.0 and reported in develop version 2.1.1
|
EDB-ID:
|
18099
|
======================
Vulnerability Description:
======================
Vulnerability Description:
======================
osCSS2 2.1.0 "_ID" parameter is prone to a LFI vulnerability