Vulnerabilities > CVE-2007-2486 - Directory Traversal vulnerability in Motobit 1.3/1.5

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
motobit
exploit available

Summary

Directory traversal vulnerability in download.asp in Motobit 1.3 and 1.5 (aka PStruh-CZ) allows remote attackers to read arbitrary files via a .. (dot dot) in the File parameter.

Vulnerable Configurations

Part Description Count
Application
Motobit
2

Exploit-Db

descriptionPStruh-CZ 1.3/1.5 (download.asp File) File Disclosure Vulnerability. CVE-2007-2486. Webapps exploit for asp platform
fileexploits/asp/webapps/3831.txt
idEDB-ID:3831
last seen2016-01-31
modified2007-05-02
platformasp
port
published2007-05-02
reporterDj7xpl
sourcehttps://www.exploit-db.com/download/3831/
titlePStruh-CZ 1.3/1.5 - download.asp File File Disclosure Vulnerability
typewebapps