Zxvf

**Name of the Vulnerable Software and Affected Versions** Jamroom versions 3.1.2, 3.2.3 through 3.2.6, 4.0.2, and prior to 3.4.0 **Description** The issue allows remote attackers to include arbitrary files via directory traversal sequences in the `t` parameter. This can be exploited by sending crafted requests to the affected software. **Recommendations** For Jamroom versions 3.1.2, 3.2.3 through 3.2.6, and 4.0.2, update to version 3.4.0 or later to resolve the issue. For Jamroom versions prior to 3.4.0, update to version 3.4.0 or later to resolve the issue.