QuickPHP Directory Traversal Vulnerability Network Vulnerability

Summary

QuickPHP is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. A remote attacker may leverage this issue to retrieve arbitrary files in the context of the affected application, potentially revealing sensitive information that may lead to other attacks. QuickPHP 1.9.1 is vulnerable other versions may also be affected.

References

http://www.johnleitch.net/Vulnerabilities/QuickPHP.Web.Server.1.9.1.Directory.Traversal/72
http://www.zachsaw.co.cc/?pg=quickphp_php_tester_debugger
https://www.securityfocus.com/bid/45603

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

GoAhead WebServer 'name' and 'address' Cross-Site Scripting Vulnerabilities
IIS IDA/IDQ Path Disclosure
IBM Rational Quality Manager and Rational Test Lab Manager Tomcat Default Account Vulnerability
Apache Tomcat 'sort' and 'orderBy' Parameters Cross Site Scripting Vulnerabilities
F*EX (Frams's Fast File EXchange) Multiple XSS Vulnerabilities

Take action and discover your vulnerabilities