This host is running Arkeia Appliance and is prone to multiple vulnerabilities.
Successful exploitation will allow remote attackers to perform directory traversal attacks and read arbitrary files on the affected application. arbitrary data. Impact Level: Application
Upgrade to Arkeia Appliance 10.1.10 or later, For updates refer to http://www.arkeia.com/download
Multiple flaws are due, - There are no restrictions when a POST request is send to '/scripts/upload.php' thus allowing any unauthenticated client to upload any data to the /tmp/ApplianceUpdate file. - Input passed via 'lang' parameter to 'Cookie' field in HTTP header is not properly sanitised before being returned to the user.
Arkeia Appliance Version 10.0.10 and prior.
Send the crafted HTTP GET request and check is it possible to read the system file or not.
- A Really Simple Chat Multiple SQL Injection Vulnerabilities
- Allegro RomPager `Misfortune Cookie` Vulnerability
- Adobe ColdFusion Directory Traversal Vulnerability
- ArticleSetup Multiple Cross-Site Scripting and SQL Injection Vulnerabilities
- AV Arcade 'ava_code' Cookie Parameter SQL Injection Vulnerability