Arbitrary File Read Vulnerability in eTouch SamePage Enterprise Edition 4.4.0.0.239

Arbitrary File Read Vulnerability in eTouch SamePage Enterprise Edition 4.4.0.0.239

CVE-2015-2071 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Directory traversal vulnerability in cm/newui/blog/export.jsp in eTouch SamePage Enterprise Edition 4.4.0.0.239 allows remote authenticated users to read arbitrary files via a .. (dot dot) in the filepath parameter.

Learn more about our User Device Pen Test.