Directory traversal vulnerability in user.cgi in SurgeLDAP 1.0g and previous versions allows remote malicious users to read arbitrary files via a .. in the page parameter of the show command.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
netwin surgeldap 1.0d |
||
netwin surgeldap 1.0e |
||
netwin surgeldap 1.0g |