Directory Traversal Vulnerability in New Atlanta BlueDragon CFChart Servlet

Directory Traversal Vulnerability in New Atlanta BlueDragon CFChart Servlet

CVE-2014-5370 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Directory traversal vulnerability in the CFChart servlet (com.naryx.tagfusion.cfm.cfchartServlet) in New Atlanta BlueDragon before 7.1.1.18527 allows remote attackers to read or possibly delete arbitrary files via a .. (dot dot) in the QUERY_STRING to cfchart.cfchart.

Learn more about our Web Application Penetration Testing UK.