Published: 17/05/2007 Updated: 29/07/2017
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Directory traversal vulnerability in rdw_helpers.py in rdiffWeb prior to allows remote malicious users to read arbitrary files via a .. (dot dot) in the path parameter to the /browse URI.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

rdiffweb rdiffweb

rdiffweb rdiffweb 0.1

rdiffweb rdiffweb 0.3.1

rdiffweb rdiffweb 0.3.2

rdiffweb rdiffweb 0.2

rdiffweb rdiffweb 0.3


source: wwwsecurityfocuscom/bid/24092/info rdiffWeb is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the webserver process Information obtained may aid in further a ...