CVE-2018-18713

Name of the Vulnerable Software and Affected Versions PHPYun version 4.6

Description The issue allows remote attackers to read arbitrary files via directory traversal. This is possible through the function down sql action() in the file /admin/model/database.class.php. The vulnerability can be exploited by using a specific URI, such as m=database&c=down sql&name=../, which enables directory traversal.

Recommendations For PHPYun version 4.6, as a temporary workaround, consider disabling the down sql action() function until a patch is available. Restrict access to the /admin/model/database.class.php file to minimize the risk of exploitation. Avoid using the name parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.