Mega File Manager 'name' Parameter Directory Traversal Vulnerability Network Vulnerability

Summary

Mega File Manager is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can use specially crafted requests with directory- traversal sequences ('../') to retrieve arbitrary files in the context of the application. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. Mega File Manager 1.0 is vulnerable other versions may also be affected.

References

http://www.awesomephp.com/?MegaFileManager
http://www.securityfocus.com/bid/53189

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

/cgi-bin directory browsable ?
Apache Struts2/XWork Remote Command Execution Vulnerability
Apache Rave User Information Disclosure Vulnerability
Adobe JRun Management Console Multiple Vulnerabilities
AeroMail Cross Site Request Forgery, HTML Injection and Cross Site Scripting Vulnerabilities

Take action and discover your vulnerabilities