header-logo
Suggest Exploit
vendor:
ParaChat
by:
Unknown
7.5
CVSS
HIGH
Directory Traversal
22
CWE
Product Name: ParaChat
Affected Version From: 5.5
Affected Version To: Unknown
Patch Exists: YES
Related CWE:
CPE: a:parachat:parachat
Metasploit:
Other Scripts:
Platforms Tested: Unknown
Unknown

ParaChat Directory Traversal Vulnerability

ParaChat is susceptible to a directory traversal vulnerability. This issue allows remote attackers to retrieve the contents of arbitrary files located on the serving computer with the credentials of the ParaChat server process.

Mitigation:

It is recommended to update to a patched version of ParaChat to mitigate this vulnerability.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11272/info

It is reported that ParaChat is susceptible to a directory traversal vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input data.

This vulnerability allows remote attackers to retrieve the contents of arbitrary, potentially sensitive files located on the serving computer with the credentials of the ParaChat server process.

Version 5.5 is reported susceptible to this vulnerability. Other versions may also be affected.

http://www.example.com:7877/..%5C/..%5C/

Navigation

Suggest Exploit

Services By CQR