Fizmez Web Server <= 1.3 Directory Traversal vulnerability

Fizmez Web Server is vulnerable to directory traversal.

Software

Software Link: http://sourceforge.net/projects/fizmezwebserver/

Vulnerable Versions:

# 1.0 (Fizmez/0.0.1)

# 1.1 (Fizmez/1.1)

# 1.2 (Fizmez/1.2)

# 1.3 (Fizmez/1.3)

Vendor Notification: Unnotified

Vulnerabilities

The following proof of concept is available:

Reference

# OWASP: Path Traversal

Appendix

[TXT] Fizmez Web Server 1.3 Directory Traversal vulnerability