header-logo
Suggest Exploit
vendor:
Sahana
by:
SecurityFocus
7.5
CVSS
HIGH
Local File Disclosure
200
CWE
Product Name: Sahana
Affected Version From: 0.6.2.2
Affected Version To: 0.6.2.2
Patch Exists: YES
Related CWE: N/A
CPE: a:sahana:sahana:0.6.2.2
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

Sahana Local File Disclosure Vulnerability

Sahana is prone to a local file-disclosure vulnerability because it fails to adequately validate user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information from local files on computers running the vulnerable application. This may aid in further attacks.

Mitigation:

Input validation should be used to prevent attackers from exploiting this vulnerability.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/36826/info

Sahana is prone to a local file-disclosure vulnerability because it fails to adequately validate user-supplied input.

An attacker can exploit this vulnerability to obtain potentially sensitive information from local files on computers running the vulnerable application. This may aid in further attacks.

Sahana 0.6.2.2 is vulnerable; other versions may also be affected. 

http://www.example.com/index.php?stream=text&mod=/../../../../../../../../../../../etc/passwd%00

Navigation

Suggest Exploit

Services By CQR