html2ps 'include file' Server Side Include Directive Directory Traversal Vulnerability

The 'html2ps' program is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.

Exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks.

Versions prior to html2ps 1.0b7 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus