Directory traversal vulnerability in (1) Openfile.aspx and (2) Html.aspx in HTTP Commander 4.0 allows remote attackers to view arbitrary files via a .. (dot dot) in the file parameter.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Http_commander |
Http_commander |
4.0 |
4.0 |
References