Ke4Qqq

**Name of the Vulnerable Software and Affected Versions** Sahana version 0.6.2.2 **Description** The issue allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the `mod` parameter of the www/index.php file. This is a directory traversal vulnerability. **Recommendations** For Sahana version 0.6.2.2, consider restricting access to the `mod` parameter in the www/index.php file to minimize the risk of exploitation. As a temporary workaround, avoid using the `mod` parameter with untrusted input until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.