vendor:
LionWiki
by:
MoDaMeR
5
CVSS
MEDIUM
Directory Traversal
22
CWE
Product Name: LionWiki
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2009
Powered by LionWiki
The LionWiki script is vulnerable to directory traversal attacks. An attacker can exploit this vulnerability by manipulating the 'page' parameter in the index.php file to access files outside of the intended directory structure. This can lead to the disclosure of sensitive information such as the /etc/passwd file.
Mitigation:
To mitigate this vulnerability, it is recommended to sanitize user input and implement proper input validation and output encoding. Additionally, access controls should be implemented to restrict unauthorized access to sensitive files.