ID de Prueba:	1.3.6.1.4.1.25623.1.0.10831
Categoría:	Web application abuses
Título:	Total PC Solutions PHP Rocket Add-in for FrontPage File Traversal Vulnerability
Resumen:	There is a vulnerability in the Total PC Solutions PHP Rocket; Add-in for FrontPage that allows a remote attacker to view the contents of any arbitrary file to; which the web user has access.
Descripción:	Summary: There is a vulnerability in the Total PC Solutions PHP Rocket Add-in for FrontPage that allows a remote attacker to view the contents of any arbitrary file to which the web user has access. Vulnerability Insight: This vulnerability exists because the PHP Rocket Add-in does not filter out ../ and is therefore susceptible to this directory traversal attack. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2001-1204 BugTraq ID: 3751 http://www.securityfocus.com/bid/3751 Bugtraq: 20011228 PHP Rocket Add-in (file transversal vulnerability) (Google Search) http://www.securityfocus.com/archive/1/247559 XForce ISS Database: phprocket-directory-traversal(7749) https://exchange.xforce.ibmcloud.com/vulnerabilities/7749
Copyright	Copyright (C) 2001 HD Moore & Drew Hintz

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.