Mathopd is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks. Versions prior to Mathopd 1.5p7 are vulnerable.
Updates are available. Please see the references for more information.
- IIS Service Pack - 404
- Boa Webserver Terminal Escape Sequence in Logs Command Injection Vulnerability
- IBM WebSphere Application Server Cross-Site Request Forgery Vulnerability
- IBM WebSphere Application Server Multiple CSRF Vulnerabilities
- Acme thttpd and mini_httpd Terminal Escape Sequence in Logs Command Injection Vulnerability