Directory traversal vulnerability in (1) Openfile.aspx and (2) Html.aspx in HTTP Commander 4.0 allows remote attackers to view arbitrary files via a .. (dot dot) in the file parameter.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Http_commander | Http_commander | 4.0 (including) | 4.0 (including) |
References
- http://secunia.com/advisories/10125
- http://www.http-com.com/Default.asp?section=Features
- http://www.osvdb.org/2780
- http://www.securityfocus.com/bid/8948
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13622
- http://secunia.com/advisories/10125
- http://www.http-com.com/Default.asp?section=Features
- http://www.osvdb.org/2780
- http://www.securityfocus.com/bid/8948
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13622