Total PC Solutions PHP Rocket Add-in for FrontPage Directory Traversal Vulnerability

PHP Rocket Add-in for FrontPage is a tool which enables PHP development from FrontPage, displaying the results in the FrontPage Preview window. It runs on Microsoft systems.

A vulnerability has been discovered in PHP Rocket Add-in for FrontPage which may allow a remote attacker to view the contents of arbitrary directories or files.

PHP Rocket Add-in does not adequately filter '../' sequences from web requests, making it prone to directory traversal attacks.


 

Privacy Statement
Copyright 2010, SecurityFocus