ToendaCMS 0.6.1 - 'admin.php' Directory Traversal

Author: Bernhard Mueller
type: webapps
platform: php
port: 
date_added: 2005-11-07  
date_updated: 2013-06-30  
verified: 1  
codes: CVE-2005-3550;OSVDB-20534  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 26480.txt  

source: https://www.securityfocus.com/bid/15348/info

toendaCMS is reported prone to a directory traversal vulnerability. It is demonstrated that this issue may be leveraged to disclose the contents of arbitrary web-server readable files.

A remote attacker may exploit this vulnerability to reveal files that contain potentially sensitive information.

Version 2.1 is vulnerable; earlier versions may also be vulnerable.

http://www.example.com/engine/admin/admin.php?id_user=
../../../../../../etc/passwd