header-logo
Suggest Exploit
vendor:
Portal
by:
SecurityFocus
7.5
CVSS
HIGH
Remote File Access
22
CWE
Product Name: Portal
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Aprox Portal Remote File Access Vulnerability

Aprox Portal is prone to a vulnerability that may permit remote attackers to gain access to files that are readable by the hosting web server. These files may exist outside of the server root, potentially exposing sensitive information that may be useful in further attacks against the host.

Mitigation:

Ensure that the web server is configured to only serve files from within the server root directory.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/9540/info

Aprox Portal is prone to a vulnerability that may permit remote attackers to gain access to files that are readable by the hosting web server. These files may exist outside of the server root.

This could expose sensitive information that may be useful in further attacks against the host. 

http://www.example.com/index.php?show=/etc/passwd

Navigation

Suggest Exploit

Services By CQR