Podcast Generator 'download.php' Directory Traversal Vulnerability Network Vulnerability

Summary

Podcast Generator is prone to a directory-traversal vulnerability because it fails to sufficiently validate user-supplied input data. Exploiting the issue can allow an attacker to obtain sensitive information that may aid in further attacks. Podcast Generator 1.3 running on Windows is vulnerable other versions may also be affected.

References

http://podcastgen.sourceforge.net/download.php?lang=en
http://www.scribd.com/doc/28080332/Podcast-Generator-1-3-Arbitrary-File-Download-Windows
https://www.securityfocus.com/bid/41473

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
Apache OFBiz Multiple Cross Site Scripting Vulnerabilities
Apache CouchDB Cross Site Request Forgery Vulnerability
Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
Apache ActiveMQ 'Cron Jobs' Cross Site Scripting Vulnerability

Take action and discover your vulnerabilities