Directory traversal vulnerability in the HTTP file-serving module (mod_http_files) in Prosody 0.9.x prior to 0.9.9 allows remote malicious users to read arbitrary files via a .. (dot dot) in an unspecified path.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fedoraproject fedora 23 |
||
fedoraproject fedora 22 |
||
prosody prosody 0.9.3 |
||
prosody prosody 0.9.2 |
||
prosody prosody 0.9.1 |
||
prosody prosody 0.9.0 |
||
prosody prosody 0.9.8 |
||
prosody prosody 0.9.6 |
||
prosody prosody 0.9.4 |
||
prosody prosody 0.9.7 |
||
prosody prosody 0.9.5 |
||
debian debian linux 7.0 |
||
debian debian linux 8.0 |