Summary
The host is running xBoard and is prone to Local file inclusion vulnerability.
Impact
Successful exploitation will allow attackers to read arbitrary files on the target system.
Impact Level: Application
Solution
Ugrade to xBoard 6.5 or later,
For updates refer to http://sourceforge.net/projects/xboard
Insight
The flaw is due to an improper validation of user-supplied input to the 'post' parameter in 'view.php', which allows attackers to read arbitrary files via a ../(dot dot) sequences.
Affected
xBoard versions 5.0, 5.5, 6.0
Detection
Send the crafted HTTP GET request and check is it possible to read the system file.
References