vendor:
MP3Mystic Server
by:
SecurityFocus
4.3
CVSS
MEDIUM
Directory Traversal
22
CWE
Product Name: MP3Mystic Server
Affected Version From: 1
Affected Version To: 1
Patch Exists: YES
Related CWE: CVE-2001-0753
CPE: o:jason_rahaim:mp3mystic_server:1.0
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: None
2001
Directory Traversal Vulnerability in MP3Mystic Server
A vulnerability exists in Jason Rahaim's MP3Mystic Server which allows a remote user to traverse the directories of a target host. This may lead to the disclosure of file and directory contents. Arbitrary directories can be accessed through the inclusion of double dot '../' sequences when submitting a URL.
Mitigation:
Upgrade to the latest version of MP3Mystic Server.