header-logo
Suggest Exploit
vendor:
FreeWeb Server
by:
SecurityFocus
7.5
CVSS
HIGH
Directory Traversal
22
CWE
Product Name: FreeWeb Server
Affected Version From: 3.6
Affected Version To: 3.6
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

FreeProxy Directory Traversal Vulnerability

It has been reported that FreeWeb server of FreeProxy may be prone to a directory traversal vulnerability that may allow a remote attacker to access information outside the server root directory. The issue may allow a remote attacker to traverse outside the server root directory by using '../' character sequences.

Mitigation:

Ensure that the server is running the latest version of FreeProxy and that all security patches have been applied.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/9388/info

It has been reported that FreeWeb server of FreeProxy may be prone to a directory traversal vulnerability that may allow a remote attacker to access information outside the server root directory. The issue may allow a remote attacker to traverse outside the server root directory by using '../' character sequences. 

FreeProxy versions 3.6 and prior are reported to be prone to this issue.

http://www.example.com/../../../../boot.ini%00.html

Navigation

Suggest Exploit

Services By CQR