FAUST iServer 9.0.018.018.4 - Local File Inclusion

FAUST iServer before 9.0.019.019.7 is susceptible to local file inclusion because for each URL request it accesses the corresponding .fau file on the operating system without preventing %2e%2e%5c directory traversal. id: CVE-2021-34805 info: name: FAUST iServer 9.0.018.018.4 - Local File Inclusio...

FAUST iServer 9.0.018.018.4 Local File Inclusion

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Local file inclusion vulnerability product: Land Software - FAUST iServer vulnerable version: 9.0.017.017.1-3 - 9.0.018.018.4 fixed version: 9.0.019.019.7, Version 10 CVE...

Land Software Faust Iserver 路径遍历漏洞

Land Software Faust Iserver is used by Land Software Germany to bring Faust, Faust Entry and Lidos databases to the Intranet and Internet. A path traversal vulnerability exists in Land Software FAUST iServer versions 9.0.017.017.1- 9.0.018.018.4, which stems from a lack of local include...