RSS   Vulnerabilities for 'Mongrel'   RSS

2008-01-03
 
CVE-2007-6612

CWE-22
 

 
Directory traversal vulnerability in DirHandler (lib/mongrel/handlers.rb) in Mongrel 1.0.4 and 1.1.x before 1.1.3 allows remote attackers to read arbitrary files via an HTTP request containing double-encoded sequences (".%252e").

 


Copyright 2024, cxsecurity.com

 

Back to Top