Closed GoogleCodeExporter closed 9 years ago
$_GET['zip']
$_GET['upload']
$_GET['folder']
$_GET['id']
All vulnerable to directory traversal injections.
Original comment by tablatronics
on 24 Sep 2012 at 4:29
Original comment by tablatronics
on 30 Sep 2012 at 1:51
fixed by r760
for QA
deleting zip archives
deleting uploads, and uploads in subfolders
deleting pages
Original comment by tablatronics
on 30 Sep 2012 at 2:54
Needs QA
Original comment by tablatronics
on 21 Oct 2012 at 4:01
Original issue reported on code.google.com by
aquinadie
on 20 Sep 2012 at 3:43