Directory traversal vulnerability in user.cgi in SurgeLDAP 1.0g and earlier allows remote attackers to read arbitrary files via a .. in the page parameter of the show command.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Surgeldap | Netwin | 1.0e | 1.0e |
Surgeldap | Netwin | 1.0g | 1.0g |
Surgeldap | Netwin | 1.0d | 1.0d |