Directory traversal

2010-03-2517:30:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

68.9%

JSON

Directory traversal vulnerability in news/include/customize.php in Web Server Creator - Web Portal 0.1 allows remote attackers to read arbitrary files via a … (dot dot) in the l parameter.

CPENameOperatorVersion
web_server_creator_web_portaleq0.1

CPE	Name	Operator	Version
	web_server_creator_web_portal	eq	0.1

References

www.packetstormsecurity.com/1001-exploits/webservercreator-traversalxssrfi.txt

www.securityfocus.com/bid/37841

exchange.xforce.ibmcloud.com/vulnerabilities/55725