7 lines
No EOL
518 B
Text
7 lines
No EOL
518 B
Text
source: https://www.securityfocus.com/bid/10103/info
|
|
|
|
SurgeLDAP is prone to a directory traversal vulnerability in one of the scripts included with the built-in web administrative server, potentially resulting in disclosure of files.
|
|
|
|
A remote attacker could exploit this issue to gain access to system files outside of the web root directory of the built-in web server. Files that are readable by the web server could be disclosed via this issue.
|
|
|
|
http://www.example.com:6680/user.cgi?cmd=show&page=/../../../boot.ini |