header-logo
Suggest Exploit
vendor:
Methodus 3 Web Server
by:
SecurityFocus
7.5
CVSS
HIGH
File Disclosure
22
CWE
Product Name: Methodus 3 Web Server
Affected Version From: Methodus 3 Web Server
Affected Version To: Methodus 3 Web Server
Patch Exists: YES
Related CWE: CVE-2002-0991
CPE: a:methodus:methodus_3_web_server
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2002

The Methodus 3 Web Server component is prone to a file disclosure vulnerability

The Methodus 3 Web Server component is prone to a file disclosure vulnerability. It is possible for remote attackers to retrieve resources outside of the web root directory via directory traversal attacks. This could potentially be exploited to gain access to sensitive files on a system hosting the vulnerable software.

Mitigation:

Upgrade to the latest version of Methodus 3 Web Server
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7908/info

The Methodus 3 Web Server component is prone to a file disclosure vulnerability. It is possible for remote attackers to retrieve resources outside of the web root directory via directory traversal attacks. This could potentially be exploited to gain access to sensitive files on a system hosting the vulnerable software.

http://www.example.com/../../../windows/win.ini

Navigation

Suggest Exploit

Services By CQR