9 lines
No EOL
565 B
Text
9 lines
No EOL
565 B
Text
source: http://www.securityfocus.com/bid/22655/info
|
|
|
|
phpTrafficA is prone to multiple directory-traversal vulnerabilities because the application fails to properly sanitize user-supplied input.
|
|
|
|
An attacker can exploit these vulnerabilities to retrieve arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid the attacker in further attacks.
|
|
|
|
phpTrafficA version 1.4.1 is vulnerable to these issues.
|
|
|
|
http://www.example.com/phpTrafficA/banref.php?lang=/../../../../../../../../../etc/passwd%00 |