CVE-2019-16123

Publication date

2019-09-09 01:00:56

Family

mitre

State

PUBLISHED

Description

In Kartatopia PilusCart 1.4.1, the parameter filename in the file catalog.php is mishandled, leading to ../ Local File Disclosure.