Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

QuiXplorer < 2.3.1 item Parameter Directory Traversal File Access

Medium

Synopsis

The remote host may be running a vulnerable version of QuiXplorer, a Web based application implemented in PHP that allows users to browse files and directories on a Web server.

Description

The remote host may be running a vulnerable version of QuiXplorer, a Web based application implemented in PHP that allows users to browse files and directories on a Web server. QuiXplorer versions up to 2.3 are prone to a directory traversal vulnerability. An attacker may access arbitrary files on a vulnerable computer in the context of the affected server.

Solution

Upgrade QuiXplorer to version 2.3.1 or higher.