
ew_file_manager.txt

Date: 26 Jul 2004 | Reported by: Sullo | Type: packetstorm | Source: packetstormsecurity.com

EasyWeb FileManager for PostNuke has a directory traversal vulnerability for remote file retrieval.

Code
`* CIRT-200404: EasyWeb (EW) FileManager Directory Traversal *  
  
Remote File Retrieval - 07/23/2004  
  
*Product: *  
EasyWeb FileManager Module <http://home.postnuke.ru/>  
  
*Description:*  
EasyWeb FileManager Module for PostNuke is vulnerable to a directory  
traversal problem which allows retrieval of arbitrary files from the  
remote system.  
  
*Systems Affected:*  
EasyWeb FileManager 1.0 RC-1  
  
*Technical Description:*  
The PostNuke module works by loading a directory and/or file via the  
"pathext" (directory) and "view" (file) variables. Providing a relative  
path (from the document repository) in the "pathext" variable will cause  
FileManager to provide a directory listing of that directory. Selecting a  
file in that listing, or putting a file name in the "view" variable,  
will cause EasyWeb to load the file specified. Only files and  
directories which can be read by the system user running PHP can be  
retrieved.  
  
This URL will show the /etc directory (assuming PostNuke is installed at  
the root level):  
  
* http://[victim]/index.php?module=ew_filemanager&type=admin&func=manager&pathext=../../../etc  
  
  
This URL will show the /etc/passwd file (assuming PostNuke is installed  
at the root level):  
  
* http://[victim]/index.php?module=ew_filemanager&type=admin&func=manager&pathext=../../../etc/&view=passwd  
  
  
*Fix/Workaround:*  
Use another file manager module for PostNuke, as the authors do not  
appear to be maintaining FileManager.  
  
*Vendor Status:*  
Vendor was contacted but did not respond.  
  
*Contacts:*  
[email protected] <mailto:[email protected]>  
  
*References:*  
Updated information can be found on OSVDB.org <http://www.osvdb.org/>  
under the following entries:  
OSVDB-8193 <http://www.osvdb.org/8193> EasyWeb FileManager Directory  
Traversal  
`
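
A log check for the request pattern the advisory describes, as an added example that is not part of the original advisory or the module's code: it flags requests to the `ew_filemanager` module whose `pathext` or `view` parameter contains a parent-directory segment after percent-decoding. The access-log format (Apache combined) and the sample lines are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# A ".." path segment bounded by a separator or the start/end of the value.
TRAVERSAL = re.compile(r"(^|[\\/])\.\.([\\/]|$)")
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, rounds=3):
    """Percent-decode until stable, in case the value was encoded more than once."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_params(url):
    """Return {param: decoded_value} for pathext/view values that climb directories."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    if "ew_filemanager" not in [m.lower() for m in query.get("module", [])]:
        return {}  # only requests routed to the affected module are of interest
    hits = {}
    for name in ("pathext", "view"):
        for raw in query.get(name, []):
            value = fully_decode(raw)
            if TRAVERSAL.search(value):
                hits[name] = value
    return hits

def scan(lines):
    """Yield (client_ip, hits) for each log line carrying a flagged request."""
    for line in lines:
        m = REQUEST.search(line)
        hits = suspicious_params(m.group(1)) if m else {}
        if hits:
            yield line.split(" ", 1)[0], hits

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [23/Jul/2004:10:00:01 +0000] "GET /index.php?module=ew_filemanager&type=admin&func=manager&pathext=docs/reports HTTP/1.1" 200 5120',
    '198.51.100.7 - - [23/Jul/2004:10:00:05 +0000] "GET /index.php?module=ew_filemanager&type=admin&func=manager&pathext=../../../etc/&view=passwd HTTP/1.1" 200 1834',
    '198.51.100.7 - - [23/Jul/2004:10:00:09 +0000] "GET /index.php?module=ew_filemanager&type=admin&func=manager&pathext=%2e%2e%2f%2e%2e%2fetc HTTP/1.1" 200 912',
    '203.0.113.4 - - [23/Jul/2004:10:00:12 +0000] "GET /index.php?module=News&pathext=../x HTTP/1.1" 200 300',
]

if __name__ == "__main__":
    for ip, hits in scan(SAMPLE_LOG):
        print(ip, hits)
```

A 200 response on a flagged line is the signal to review which files the PHP user could read on that host.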
