Web4Future Portal Solutions Arhiva.PHP Directory Traversal Vulnerability

info
discussion
exploit
solution
references

Web4Future Portal Solutions Arhiva.PHP Directory Traversal Vulnerability

Portal Solutions is prone to a directory traversal vulnerability. This is due to a lack of proper sanitization of user-supplied input.

This issue may be leveraged to read arbitrary files on an affected computer with the privileges of the Web server. An attacker can employ directory traversal sequences to disclose arbitrary files.