Report.php fails to sanitize user input data on StartingDirectory parameter when used in an include. The vulnerable version is 10.04.x. Exploit Type Exploits Remote File Inclusion Known Vulnerabilities Product Name Impact