|
Family: CGI abuses --> Category: infos
EasyWeb FileManager Directory Traversal Vulnerability Scan
Vulnerability Scan Summary Acertains if EasyWeb FileManager is present
Detailed Explanation for this Vulnerability Test
The remote host is running a version of the EasyWeb FileManager module
which is vulnerable to a directory traversal attack.
A possible hacker may use this flaw to read arbitrary files on the remote server
by sending malformed requests like :
/index.php?module=ew_filemanager&type=admin&func=manager&pathext=../../file
*** This might be a false positive, since a possible hacker would need credentials
*** to exploit this flaw
Solution : Upgrade to the latest version of this module
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|