c32web.exe in McMurtrey/Whitaker Cart32 prior to 6.4 allows remote malicious users to read arbitrary files via the ImageName parameter in a GetImage action, by appending a NULL byte (%00) sequence followed by an image file extension, as demonstrated by a request for a ".txt%00.gif" file. NOTE: this might be a directory traversal vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mcmurtrey whitaker and associates cart32 |