Help Center Live <= 2.1.2 Directory Traversal

ID 3696.PRM
Type nessus
Reporter Tenable
Modified 2019-03-06T00:00:00


The remote web server is running Help Center Live, a help desk application written in PHP. The remote version of this software is vulnerable to a Directory Traversal flaw. An attacker exploiting this flaw would send a malformed HTTP request which included '../' (or similar) directory traversal strings. Successful exploitation would result in the attacker gaining access to confidential data.

                                            Binary data 3696.prm