9 lines
No EOL
576 B
Text
9 lines
No EOL
576 B
Text
source: http://www.securityfocus.com/bid/11272/info
|
|
|
|
It is reported that ParaChat is susceptible to a directory traversal vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input data.
|
|
|
|
This vulnerability allows remote attackers to retrieve the contents of arbitrary, potentially sensitive files located on the serving computer with the credentials of the ParaChat server process.
|
|
|
|
Version 5.5 is reported susceptible to this vulnerability. Other versions may also be affected.
|
|
|
|
http://www.example.com:7877/..%5C/..%5C/ |