CVE
2017-11503
Public CVE-2017-11503 disclosure
Contao before 3.5.28 and 4.x before 4.4.1 allows remote attackers to include and execute arbitrary local PHP files via a crafted parameter in a URL, aka Directory Traversal.
Link not working? No problem! With VULNMAP you always have guaranteed access to security information thanks to reliable backups.
Our backup links ensure that critical data remains always available, even in case of unavailability of original sites.