VYPR
High severity7.5NVD Advisory· Published Oct 29, 2018· Updated Jun 17, 2026

CVE-2018-18713

CVE-2018-18713

Description

The function down_sql_action() in /admin/model/database.class.php in PHPYun 4.6 allows remote attackers to read arbitrary files via directory traversal in an m=database&c=down_sql&name=../ URI.

Affected products

1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.