Faust Informatics Freestyle Chat Directory Traversal Vulnerability

info
discussion
exploit
solution
references

Faust Informatics Freestyle Chat Directory Traversal Vulnerability

Freestyle Chat server from Faust Informatics incorporates interactive chat functionality into websites.

Versions of Freestyle Chat are vulnerable to directory traversal attacks. This can allow a remote user to request files from outside the normal webserver directory scope.

Properly exploited, this could provide information useful in further attacks on the vulnerable host.