|
BRS WebWeaver MKDir Directory Traversal Weakness
WebWeaver's FTP component has a flaw which can permit a remote user to create directories outside the FTP root. By executing the mkdir command on an ftp server with dot-dot-slash (..\) directory traversal notation, an attacker can create a directory outside of the FTP root. |
|
|
Privacy Statement |
