Yaws URI Directory Traversal Vulnerability Network Vulnerability

Summary

Yaws is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks. Yaws 1.89 is vulnerable other versions may also be affected.

References

http://yaws.hyber.org/
https://www.securityfocus.com/bid/44564

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-4181
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

11in1 Cross Site Request Forgery and Local File Include Vulnerabilities
A4Desk Event Calendar 'eventid' Parameter SQL Injection Vulnerability
Admidio get_file.php Remote File Disclosure Vulnerability
Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities
Adobe Presenter viewer.swf and loadflash.js XSS Vulnerability

Take action and discover your vulnerabilities