|
Description
|
|
A vulnerability has been reported in Kloxo, which can be exploited by malicious users to disclose sensitive information or manipulate certain data.
Certain input related to the "Root Directory" field is not properly verified before being used. This can be exploited e.g. by using File Manager to read or write to other users' files via directory traversal sequences.
The vulnerability is reported in versions prior to 6.1.18.
|
|
|
|
|
|
Vulnerable Products
|
|
Vulnerable Software:
Kloxo 6.x
|
|
|
|
|
|
Solution
|
|
Update to version 6.1.18.
|
|
|
|
|
|
CVE
|
|
|
|
|
|
|
|
References
|
|
http://project.lxcenter.org/projects/kloxo/news
|
|
|
|
|
|
Vulnerability Manager Detection
|
|
No
|
|
|
|
|
|
IPS Protection
|
|
|
|
|
|
|
