| VID |
210155 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
Web server on the host system allows attackers to access main files of web server or web applications.
The vulnerability is that access of files or directories in web server or web applications is not controlled. so that main files or datas can be accessed. Attackers can access from web root directory to remote files and execute these files by inserting file path into the URL.
* Platforms Affected:
Any HTTP server Any version
Any operating system Any version |
| Recommendation |
Take the following steps:
Limit the top level folder of the web site to Web Root folder. |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
