- Directory traversal vulnerability in Adobe ColdFusion 9.0.1 and earlier allows attackers to obtain sensitive information. The vulnerability is a variation of a classic directory traversal vulnerability, also referred to as 'arbitrary file retrieval'. The attack involves tricking a server-side script to provide the contents of a file that it was not originally supposed to be made available. By 'moving up' a few directory levels, the attacker is able to obtain the contents of files outside the application server's webroot via special strings such as '../'.
- Apply the fix provided by Adobe. Check Web References.
- Microsoft SQL Server weak password encryption vulnerability
- WordPress Plugin BackWPup Cross-Site Scripting (3.0.12)
- WordPress Plugin Slider WD Unspecified Vulnerability (1.1.9)
- WordPress Plugin Bulk Creator Cross-Site Scripting (1.0.1)
- WordPress Plugin Media Library Categories 'termid' Parameter SQL Injection (1.0.6)