Directory traversal

2008-01-2920:00:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.6%

JSON

Directory traversal vulnerability in RTE_file_browser.asp in Web Wiz Rich Text Editor 4.0 allows remote attackers to list arbitrary directories, and .txt and .zip files, via a …\\ in the sub parameter in a save action.

CPENameOperatorVersion
rich_text_editoreq4.0

CPE	Name	Operator	Version
	rich_text_editor	eq	4.0

References

secunia.com/advisories/28639

securityreason.com/securityalert/3584

securitytracker.com/id?1019267

www.bugreport.ir/?/31

www.securityfocus.com/archive/1/486868/100/0/threaded

www.securityfocus.com/bid/27419

www.webwizguide.com/webwizrichtexteditor/kb/release_notes.asp

exchange.xforce.ibmcloud.com/vulnerabilities/39868

www.exploit-db.com/exploits/4971