Summary
Cryptographp is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability to view files and execute local scripts from the Cryptographp directory in the context of the webserver process. This may aid in further attacks.
Cryptographp 1.4 is vulnerable
other versions may also be affected.
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apache ActiveMQ 'admin/queueBrowse' Cross Site Scripting Vulnerability
- Apache Tomcat 'sendfile' Request Attributes Information Disclosure Vulnerability
- Apple Safari Multiple Vulnerabilities
- Abtp Portal Project 'ABTPV_BLOQUE_CENT' Parameter Local and Remote File Include Vulnerabilities
- /doc directory browsable ?