Omnicom Content Platform - 'browser.asp' Directory Traversal

EDB-ID:

32412




Platform:

ASP

Date:

2008-09-23


source: https://www.securityfocus.com/bid/31338/info

Omnicom Content Platform is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.

To exploit this issue an attacker may need administrative privileges to the affected application.

Exploiting the issue may allow the attacker to obtain sensitive information that could aid in further attacks.

Omnicom Content Platform 2.0 is vulnerable; other versions may also be affected. 

http://www.example.com/ocp/admin/fileKontrola/browser.asp?root=/