Azerbaijan Development Group AZDGDatingLite Directory Traversal Vulnerability

AzDGDatingLite is prone to a directory traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

An attacker can exploit this vulnerability by supplying directory traversal strings, followed by a filename and a NULL byte character and include an arbitrary local file.

The impact of successful exploitation will depend on the contents of the local included file.


 

Privacy Statement
Copyright 2010, SecurityFocus