header-logo
Suggest Exploit
vendor:
ASP Folder Gallery
by:
Unknown
5.5
CVSS
MEDIUM
Arbitrary File Download
22
CWE
Product Name: ASP Folder Gallery
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE: Unknown
CPE: a:asp_folder_gallery:asp_folder_gallery
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Arbitrary File Download Vulnerability in ASP Folder Gallery

ASP Folder Gallery is prone to an arbitrary-file-download vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to download arbitrary files within the context of the affected webserver.

Mitigation:

To mitigate this vulnerability, it is recommended to sanitize and validate user-supplied input before using it in file download operations. Additionally, access controls should be implemented to restrict unauthorized access to sensitive files.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/24345/info

ASP Folder Gallery is prone to an arbitrary-file-download vulnerability because the application fails to sufficiently sanitize user-supplied input.

An attacker can exploit this issue to download arbitrary files within the context of the affected webserver. 

http://www.example.com/aspfoldergallery/download_script.asp?file=viewimage.asp

Navigation

Suggest Exploit

Services By CQR