Limited Black Friday Offer:

Fonality trixbox - Directory Traversal Vulnerability CVE-2014-5111 Scanner

There are multiple directory traversal vulnerabilities in Fonality trixbox, which allow remote attackers to read arbitrary files.

Short Info

Level

Medium

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Url

Parent Category

Fonality trixbox - Directory Traversal Vulnerability CVE-2014-5111 Scanner Detail

Multiple directory traversal vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter to (1) home/index.php, (2) asterisk_info/asterisk_info.php, (3) repo/repo.php, or (4) endpointcfg/endpointcfg.php in maint/modules/.

http://packetstormsecurity.com/files/127522/Trixbox-XSS-LFI-SQL-Injection-Code-Execution.html