Summary
The host is running Mojolicious and is prone to directory traversal vulnerability.
Impact
Successful exploitation will allow attacker to obtain sensitive information that could aid in further attacks.
Impact Level: Application
Solution
Upgrade to Mojolicious version 1.16 or later.
For updates refer to http://www.mojolicious.org/
Insight
The flaw is due to an error in 'Path.pm', which allows remote attackers to read arbitrary files via a %2f..%2f
(encoded slash dot dot slash) in a URI.
Affected
Mojolicious versions prior to 1.16.
References
Severity
Classification
-
CVE CVE-2011-1589 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities