PT-2007-5882 · Unknown · Web Oddity

Katatafish

·

Publicado

2007-09-05

·

Atualizado

2017-09-29

·

CVE-2007-4726

CVSS v2.0

5.0

Média

VetorAV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Web Oddity version 0.09b
Description: A directory traversal issue allows remote attackers to read arbitrary files by including a .. (dot dot) in the URI.
Recommendations: For Web Oddity version 0.09b, consider restricting access to sensitive files and directories as a temporary workaround until a patch is available.

Exploit

Correção

Path traversal

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-22

Identificadores relacionados

CVE-2007-4726

Produtos afetados

Web Oddity