Vendor: HOMEPIMA Design
By:
CVSS: 7.5 (HIGH)
CWE: Local File Disclosure
Product Name: HOMEPIMA Design
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

Local File Disclosure Vulnerability in HOMEPIMA Design

HOMEPIMA Design is prone to a local file-disclosure vulnerability because it fails to adequately validate user-supplied input. Exploiting this vulnerability would allow an attacker to obtain potentially sensitive information from local files on computers running the vulnerable application. This may aid in further attacks.

Mitigation:

Implement proper input validation to prevent directory traversal attacks. Ensure that user-supplied input is properly sanitized and restricted to valid file paths.
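
One way to apply this mitigation to a download handler such as filedown.php, as an added example that is not the vendor's code. The page does not show the script's source, so the base directory DOWNLOAD_DIR and the function name resolve_download are assumptions.

```php
<?php
// Added example: hardened download handler. DOWNLOAD_DIR and resolve_download()
// are assumptions; the original script's source is not shown on the page.
declare(strict_types=1);

const DOWNLOAD_DIR = '/var/www/app/downloads'; // assumed directory of downloadable files

// Map a user-supplied name to a regular file inside $baseDir, or return null.
function resolve_download(string $baseDir, string $requested): ?string
{
    // Empty names and NUL bytes are never valid file names.
    if ($requested === '' || strpos($requested, "\0") !== false) {
        return null;
    }
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // realpath() collapses "../", follows symlinks, and fails for missing files.
    $path = realpath($base . DIRECTORY_SEPARATOR . $requested);
    if ($path === false || !is_file($path)) {
        return null;
    }
    // The canonical path must still sit under the base directory. The trailing
    // separator stops a sibling such as "/downloads-old" from matching "/downloads".
    $prefix = $base . DIRECTORY_SEPARATOR;
    return strncmp($path, $prefix, strlen($prefix)) === 0 ? $path : null;
}

if (PHP_SAPI !== 'cli') {
    $name = $_GET['file'] ?? null;
    $path = is_string($name) ? resolve_download(DOWNLOAD_DIR, $name) : null;
    if ($path === null) {
        http_response_code(404); // same response for "missing" and "outside base"
        exit;
    }
    header('Content-Type: application/octet-stream');
    header('X-Content-Type-Options: nosniff');
    header("Content-Disposition: attachment; filename*=UTF-8''" . rawurlencode(basename($path)));
    readfile($path);
} else {
    // CLI self-check against a constructed temporary directory.
    $dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'dl_demo_' . getmypid();
    mkdir($dir);
    file_put_contents($dir . '/manual.pdf', 'constructed sample');
    var_dump(resolve_download($dir, 'manual.pdf') !== null);
    var_dump(resolve_download($dir, '../../../../etc/passwd') === null);
    unlink($dir . '/manual.pdf');
    rmdir($dir);
}
```

The check runs on the canonical path rather than on the raw string, so encoded or nested traversal sequences and symlinks pointing outside the base directory are rejected by the same comparison.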
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/47770/info

http://www.example.com/setup/filedown.php?file=../../../../../../../../../../../../../../etc/passwd