vqsoft vqserver for windows 1.9.9 - Directory Traversal vulnerability

2014-07-01T00:00:00
ID SSV:73727
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                source: http://www.securityfocus.com/bid/1067/info

Some versions of vqSoft vqServer for Windows are vulnerable to the common ../../ method of retrieving known files from outside of the web directory structure, accomplished by appending a variable number of "../" and a known filename to an HTTP GET request. 

http://target/../../../../../autoexec.bat