MiniWeb Directory Traversal and Arbitrary File Upload Vulnerabilities

MiniWeb is prone to a directory-traversal vulnerability and an arbitrary file-upload vulnerability.

An attacker can exploit these issues to obtain sensitive information, perform spoofing, upload and overwrite arbitrary files, and run it in the context of the web server process.

MiniWeb build 300 is vulnerable; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus