EasyGuppy 4.5.4/4.5.5 - 'Printfaq.php' Directory Traversal
| EKU-ID: 31634 | CVE: | OSVDB-ID: |
| Author: Josh Zlatin-Amishav | Published: 2005-09-30 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 31634 | CVE: | OSVDB-ID: |
| Author: Josh Zlatin-Amishav | Published: 2005-09-30 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/14984/info EasyGuppy is prone to a directory traversal vulnerability. The application fails to properly sanitize input supplied through HTTP POST requests or cookies. Exploitation of this vulnerability could lead to a loss of confidentiality as arbitrary files are disclosed to an attacker. http://www.example.com/printfaq.php?lng=en&pg=/../../../../../../../etc/passwd%00