CVE-2001-1168

Name of the Vulnerable Software and Affected Versions PhpMyExplorer versions prior to 1.2.1

Description The issue allows remote attackers to read arbitrary files. This is achieved by exploiting a directory traversal vulnerability in the index.php file. The vulnerability can be triggered via a ..%2F (modified dot dot) in the chemin parameter of a specific API endpoint, although the exact endpoint is not specified.

Recommendations For versions prior to 1.2.1, update to version 1.2.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the chemin parameter to minimize the risk of exploitation.