Testing CVE-2021-22214
[Description]
Gurock TestRail 5.3.0.3603 returns potentially sensitive information for an invalid request, as
demonstrated by full path disclosure and the identification of PHP as the backend technology.
------------------------------------------
[Additional Information]
* Make sure that your web server does not send out responses that
  reveal information about the backend technology type or version.
[Description]
Visiology Flipbox Software Suite before 2.7.0 allows directory
traversal via %5c%2e%2e%2f because it does not sanitize filename
parameters.
------------------------------------------
[Vulnerability Type]
Directory Traversal