Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Help Center Live <= 2.1.2 Directory Traversal

High

Synopsis

The remote host is vulnerable to a Directory Traversal flaw.

Description

The remote web server is running Help Center Live, a help desk application written in PHP. The remote version of this software is vulnerable to a Directory Traversal flaw. An attacker exploiting this flaw would send a malformed HTTP request which included '../' (or similar) directory traversal strings. Successful exploitation would result in the attacker gaining access to confidential data.

Solution

Upgrade or patch according to vendor recommendations.