Title:FlightPath 路径遍历漏洞 (CVE-2019-13396) Description:FlightPath 4.x and 5.0-x allows directory traversal and Local File Inclusion through the form_include parameter in an index.php?q=system-handle-form-submit POST request because of an include_once in system_handle_form_submit in modules/system/system.module.
Description
FlightPath versions prior to 4.8.2 and 5.0-rc2 are vulnerable to local file inclusion.
File Snapshot
id: CVE-2019-13396
info:
name: FlightPath - Local File Inclusion
author: 0x_Akoko,daffainfo
s
...
Shenlong Bot has cached this for you
Remarks
1. It is advised to access via the original source first.2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →