11 lines
No EOL
619 B
Text
11 lines
No EOL
619 B
Text
source: http://www.securityfocus.com/bid/20698/info
|
|
|
|
Cruiseworks is prone to a directory-traversal vulnerability because the application fails to properly sanitize user-supplied input.
|
|
|
|
An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid attackers in further attacks.
|
|
|
|
Cruiseworks 1.09c and 1.09d are reported vulnerable; other versions may be affected as well.
|
|
|
|
http://www.example.com/Scripts/cruise/cws.exe?doc=../data/system.wdb
|
|
|
|
Note: the above URI requires a login to the application. |