Directory traversal vulnerability in v2demo/page.php in Jshop Server 1.x through 2.x allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the xPage parameter.Referenceshttps://www.exploit-db.com/exploits/5325http://www.securityfocus.com/bid/28501https://exchange.xforce.ibmcloud.com/vulnerabilities/41524
