Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz Rich Text Editor 4.0 allows remote attackers to list arbitrary directories, and .txt and .zip files, via a …\\ in the sub parameter in a save action.
CPE | Name | Operator | Version |
---|---|---|---|
rich_text_editor | eq | 4.0 |
secunia.com/advisories/28639
securityreason.com/securityalert/3584
securitytracker.com/id?1019267
www.bugreport.ir/?/31
www.securityfocus.com/archive/1/486868/100/0/threaded
www.securityfocus.com/bid/27419
www.webwizguide.com/webwizrichtexteditor/kb/release_notes.asp
exchange.xforce.ibmcloud.com/vulnerabilities/39868
www.exploit-db.com/exploits/4971