Multiple directory traversal vulnerabilities in LogiSphere 0.9.9j allow remote attackers to access arbitrary files via (1) .. (dot dot), (2) … (triple dot), and (3) ..// sequences in the URL, (4) ../ sequences in the source parameter to viewsource.jsp, or (5) .. (dot dot backslash) sequences in the NS-query-pat parameter to the search URL. URL.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Logisphere | Logisphere | 0.9.9j (including) | 0.9.9j (including) |