Directory traversal vulnerability in webFileBrowser.php in Web File Browser 0.4b14 allows remote authenticated users to read arbitrary files via a ..%2f (encoded dot dot) in the file parameter in a download action.
References
Link | Resource |
---|---|
http://www.exploit-db.com/exploits/18070 | Exploit |
Configurations
History
No history.
Information
Published : 2011-12-15 03:57
Updated : 2024-02-28 11:41
NVD link : CVE-2011-4831
Mitre link : CVE-2011-4831
CVE.ORG link : CVE-2011-4831
JSON object : View
Products Affected
david_azoulay
- web_file_browser
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')