10 lines
No EOL
585 B
Text
10 lines
No EOL
585 B
Text
source: http://www.securityfocus.com/bid/15530/info
|
|
|
|
Torrential is prone to a directory traversal vulnerability. This is due to a lack of proper sanitization of user-supplied input.
|
|
|
|
An attacker can exploit this issue to retrieve arbitrary remote PHP code on an affected computer with the privileges of the Web server process. This may facilitate unauthorized access.
|
|
|
|
Torrential Version 1.2 is vulnerable; other versions may also be vulnerable.
|
|
|
|
http://www.example.com/torrential/dox/getdox.php/../forums.php
|
|
http://www.example.com/torrential/dox/getdox.php/../../index.html |