vendor:
picKLE
by:
4
CVSS
MEDIUM
Local File Include
22
CWE
Product Name: picKLE
Affected Version From: 0.3
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
picKLE Local File Include Vulnerability
picKLE is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts.
Mitigation:
To mitigate this vulnerability, it is recommended to properly sanitize and validate user-supplied input to prevent directory traversal attacks. Additionally, access controls should be implemented to restrict unauthorized access to sensitive files.