Ras313

#26084 of 53,624
9.8 Total CVSS
Vulnerabilities · 1
PT-2019-12749
9.8
2019-05-24
Deltek · Deltek Maconomy · CVE-2019-12314
**Name of the Vulnerable Software and Affected Versions**

Deltek Maconomy version 2.2.5

**Description**

The issue allows for local file inclusion via absolute path traversal. This can be achieved through the "WS.macx1.W_MCS/" endpoint in the PATH_INFO, as demonstrated by accessing a "cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS/etc/passwd" URI.

**Recommendations**

For Deltek Maconomy version 2.2.5, consider restricting access to the "WS.macx1.W_MCS/" endpoint to minimize the risk of exploitation. Avoid using absolute paths in the PATH_INFO to prevent traversal attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.