QuickFront 1.0 - File Disclosure
| EKU-ID: 27955 | CVE: | OSVDB-ID: |
| Author: Jan Kachlik | Published: 2003-04-09 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 27955 | CVE: | OSVDB-ID: |
| Author: Jan Kachlik | Published: 2003-04-09 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/7308/info A vulnerability has been reported for QuickFront that will result in the disclosure of sensitive system resources to remote attackers. QuickFront does not properly sanitize user-supplied input. Specifically, directory traversal sequences such as '../' to HTTP requests are not removed. http://<target>/../../../../../boot.ini