2018-04-08 02:00:00
mitre
PUBLISHED
In Gxlcms QY v1.0.0713, LibLibActionAdminTplAction.class.php allows remote attackers to read any file via a modified pathname in an Admin-Tpl request, as demonstrated by use of | instead of / as a directory separator, in conjunction with a ".." sequence.