vendor:
TorrentFlux
by:
SecurityFocus
7.5
CVSS
HIGH
Directory Traversal
22
CWE
Product Name: TorrentFlux
Affected Version From: 2.1
Affected Version To: 2.1
Patch Exists: YES
Related CWE: N/A
CPE: a:torrentflux:torrentflux
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006
TorrentFlux Directory Traversal Vulnerability
TorrentFlux is prone to a directory-traversal vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of the affected application. Information obtained may aid attackers in further attacks.
Mitigation:
Input validation should be used to prevent directory traversal attacks. Sanitize user-supplied input to prevent attackers from exploiting this vulnerability.