Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: CGI abuses --> Category: infos

PHPix directory traversal vulnerability Vulnerability Scan


Vulnerability Scan Summary
PHPix directory traversal vulnerability

Detailed Explanation for this Vulnerability Test
PHPix program allows a possible hacker to read arbitrary files on the remote web server, prefixing the pathname of the file with ..%2F..%2F..

Example:
GET /Album/?mode=album&album=..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc&dispsize=640&start=0

will return all the files that are nested within /etc directory.

Solution: Contact your vendor for the latest software release.

Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.