Help Center Live <= 2.1.2 Directory Traversal
High Nessus Network Monitor Plugin ID 3696
SynopsisThe remote host is vulnerable to a Directory Traversal flaw.
DescriptionThe remote web server is running Help Center Live, a help desk application written in PHP. The remote version of this software is vulnerable to a Directory Traversal flaw. An attacker exploiting this flaw would send a malformed HTTP request which included '../' (or similar) directory traversal strings. Successful exploitation would result in the attacker gaining access to confidential data.
SolutionUpgrade or patch according to vendor recommendations.