header-logo
Suggest Exploit
vendor:
ServerWorx
by:
SecurityFocus
7.5
CVSS
HIGH
Directory Traversal
22
CWE
Product Name: ServerWorx
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2001

ServerWorx Directory Traversal Vulnerability

It is possible for a remote user to gain read access to directories and files outside the root directory of ServerWorx. Requesting a specially crafted URL composed of '../' or '.../' sequences will disclose an arbitrary directory.

Mitigation:

Ensure that all user-supplied input is validated and filtered before being used in a filesystem operation.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/2346/info

It is possible for a remote user to gain read access to directories and files outside the root directory of ServerWorx. Requesting a specially crafted URL composed of '../' or '.../' sequences will disclose an arbitrary directory. 

http://target/../[file outside web root]

http://target/.../[file outside web root]

Navigation

Suggest Exploit

Services By CQR