Directory traversal vulnerability in the XML Server in IOServer prior to 1.0.19.0, when the Root Directory pathname lacks a trailing \ (backslash) character, allows remote malicious users to read arbitrary files or list arbitrary directories via a .. (dot dot) in a URI.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ioserver ioserver 1.0.18.0 |