There is a directory traversing vulnerability in the download page url of AquaNPlayer 2.0.0.92. The IP of the download page url is localhost and an attacker can traverse directories using dot dot sequences(../../) to view host file on the system. This vulnerability can cause information leakage.
A directory listing is inappropriately exposed, yielding potentially sensitive information to attackers.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Aquanplayer | Cdnetworks | 2.0.0.92 (including) | 2.0.0.92 (including) |