Enigma2 'file' Parameter Information Disclosure Vulnerability Network Vulnerability

Summary

Enigma2 is prone to an information-disclosure vulnerability because it fails to sufficiently validate user-supplied data. An attacker can exploit this issue to download local files in the context of the webserver process. This may allow the attacker to obtain sensitive information other attacks are also possible.

References

http://dream.reichholf.net/wiki/Enigma2
http://www.securityfocus.com/bid/51330

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-1024, CVE-2012-1025
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apache Archiva Multiple Vulnerabilities
Apache mod_proxy_ftp Wildcard Characters XSS Vulnerability
Apache Web Server Linefeed Memory Allocation Denial Of Service Vulnerability
Allaire JRun directory browsing vulnerability
2532|Gigs Directory Traversal And SQL Injection Multiple Vulnerabilities

Take action and discover your vulnerabilities