This host is installed with Academia management solutions international (AMSI) and is prone to directory traversal vulnerability.
Successful exploitation will allow remote attackers to read arbitrary files on the target system. Impact Level: System/Application
No solution or patch is available as of 20th February, 2015. Information regarding this issue will updated once the solution details are available. For updates refer to http://amsi.ae
The error exists due to the download.php script, which does not properly sanitize user input supplied via the 'file' parameter.
AMSI v3.20.47 build 37 and probably other versions.
Send a crafted data via HTTP GET request and check whether it is able to read local file or not.
- AbanteCart Multiple Cross-Site Scripting Vulnerabilities
- Apache Tomcat NIO Connector Denial of Service Vulnerability
- Andy's PHP Knowledgebase Multiple Cross-Site Scripting Vulnerabilities
- Ampache Reflected Cross Site Scripting Vulnerability
- Apache Tomcat HTTP BIO Connector Information Disclosure Vulnerability