Directory traversal vulnerability in webFileBrowser.php in Web File Browser 0.4b14 allows remote authenticated users to read arbitrary files via a ..%2f (encoded dot dot) in the file parameter in a download action.
References
Link | Resource |
---|---|
http://www.exploit-db.com/exploits/18070 | Exploit |
http://www.exploit-db.com/exploits/18070 | Exploit |
Configurations
History
21 Nov 2024, 01:33
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.exploit-db.com/exploits/18070 - Exploit |
Information
Published : 2011-12-15 03:57
Updated : 2024-11-21 01:33
NVD link : CVE-2011-4831
Mitre link : CVE-2011-4831
CVE.ORG link : CVE-2011-4831
JSON object : View
Products Affected
david_azoulay
- web_file_browser
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')