Loader007

**Name of the Vulnerable Software and Affected Versions** Easy-Clanpage version 3.0 b1 **Description** The issue allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the `section` parameter to the default URI. This is a directory traversal vulnerability. **Recommendations** For Easy-Clanpage version 3.0 b1, as a temporary workaround, consider restricting access to the default URI or disabling the `section` parameter until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.