PT-2010-3690 · Datatrack · Datatrack System

John Leitch · Published 2010-05-25 · Updated 2017-08-17 · CVE-2010-2079

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions

DataTrack System version 3.5

Description

The issue allows remote attackers to bypass intended restrictions on file extensions and read arbitrary files by appending a trailing backslash in a URI. This can be demonstrated by accessing files such as web.config and .ascx.

Recommendations

For DataTrack System version 3.5, consider restricting access to sensitive files and directories to minimize the risk of exploitation. As a temporary workaround, avoid using trailing backslashes in URIs until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
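
One way to enforce the restriction in a front-end filter or to review request logs is to canonicalize the path before checking the extension. This is an added example, not DataTrack code and not from the advisory's author. The deny-list, function names and sample paths are assumptions, and it goes beyond the advisory's single case by also covering percent-encoded backslashes and trailing dots or spaces.

```python
import posixpath
from urllib.parse import unquote

# Assumed deny-list; web.config and .ascx are the file types named in the advisory.
BLOCKED_EXTENSIONS = {".config", ".ascx"}


def naive_is_blocked(raw_path: str) -> bool:
    """Extension check on the raw request path: the pattern a trailing backslash defeats."""
    return posixpath.splitext(raw_path)[1].lower() in BLOCKED_EXTENSIONS


def canonical_path(raw_path: str) -> str:
    """Decode, unify separators, then drop trailing separators, dots and spaces."""
    path = raw_path
    for _ in range(3):  # bounded loop also unwraps double encoding such as %255C
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    path = path.replace("\\", "/")
    # Assumption: these trailing characters may still resolve to the same file
    # on a Windows host, so they are removed before the extension is read.
    return path.rstrip("/. ")


def hardened_is_blocked(raw_path: str) -> bool:
    """Extension check on the canonical file name."""
    name = canonical_path(raw_path).rsplit("/", 1)[-1]
    return posixpath.splitext(name)[1].lower() in BLOCKED_EXTENSIONS


def flag_bypass_attempts(paths):
    """Return paths that pass the naive check but name a blocked file type."""
    return [p for p in paths if hardened_is_blocked(p) and not naive_is_blocked(p)]


# Constructed sample request paths, not taken from real logs.
SAMPLE_PATHS = [
    "/default.aspx",
    "/web.config",
    "/web.config\\",
    "/web.config%5C",
    "/controls/menu.ascx%255c",
]

if __name__ == "__main__":
    for p in flag_bypass_attempts(SAMPLE_PATHS):
        print("suspicious:", p)
```
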

Exploit

RCE


Weakness Enumeration

Related identifiers

CVE-2010-2079

Affected products

Datatrack System