1 results (0.004 seconds)

CVSS: 4.3EPSS: 1%CPEs: 4EXPL: 2

Directory traversal vulnerability in Dan Costin File Transfer before 1.2f allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) in the filename. Vulnerabilidad de salto de directorio en Dan Costin File Transfer antes de 1.2f permite a atacantes remotos leer archivos de su elección a través de "..\" (punto punto barra invertida) en el nombre de archivo. • https://www.exploit-db.com/exploits/31536 http://secunia.com/advisories/29540 http://sourceforge.net/project/shownotes.php?group_id=178021&release_id=586923 http://sourceforge.net/tracker/index.php?func=detail&aid=1829601&group_id=178021&atid=883559 http://www.securityfocus.com/bid/28453 https://exchange.xforce.ibmcloud.com/vulnerabilities/41489 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •