Deerfield WorldClient 2.1 Directory Traversal Vulnerability

The HTTP interface for WorldClient 2.1 is vulnerable to a directory traversal. By requesting a URL composed of the filename and ..\ it is possible for a remote user to retrieve and dowload any file of known location.


 

Privacy Statement
Copyright 2010, SecurityFocus