header-logo
Suggest Exploit
vendor:
Bytehoard
by:
SecurityFocus
7.5
CVSS
HIGH
Directory Traversal
22
CWE
Product Name: Bytehoard
Affected Version From: Bytehoard 1.0
Affected Version To: Bytehoard 1.0
Patch Exists: No
Related CWE: N/A
CPE: cpe:a:bytehoard:bytehoard:1.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Bytehoard Directory Traversal Vulnerability

Bytehoard is prone to directory traversal attacks, which could allow remote attackers to gain unauthorized access to sensitive files hosted on the system running the software. An example of this attack is demonstrated in the URL provided, which attempts to access the /etc/passwd file.

Mitigation:

Ensure that the web server is configured to deny access to sensitive files, and that the web application is configured to prevent directory traversal attacks.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/8850/info

Bytehoard is prone to directory traversal attacks. This could potentially permit remote attackers to gain unauthorized access to sensitive files hosted on the system running the software.

http://www.example.com/bytehoard/index.php?infolder=../../../../

Navigation

Suggest Exploit

Services By CQR