Summary
This host is running Admidio and is prone to Directory Traversal Vulnerability.
Impact
Successful exploitation could allow attacker to view local files in the context of the webserver process.
Impact Level: Application
Solution
Upgrade to Version 1.4.9 or later
http://www.admidio.org/index.php?page=download
Insight
The flaw is due to file parameter in modules/download/get_file.php which is not properly sanitized before returning to the user.
Affected
Admidio Version 1.4.8 and prior.
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2008-5209 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities