Description
FileSystemObject (FSO) in the showfile.asp Active Server Page (ASP) allows remote attackers to read arbitrary files by specifying the name in the file parameter.
Remediation
References
Related Vulnerabilities
SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-0920)
Liferay Portal CVE-2021-38266 Vulnerability (CVE-2021-38266)
WordPress Plugin Limit Attempts by BestWebSoft Multiple Vulnerabilities (1.0.3)
WordPress Plugin Affiliate PRO Cross-Site Scripting (1.3.1)
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9853)