2017-12-26 22:00:00
mitre
PUBLISHED
PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via the id parameter to admin/review_userwise.php.