Full title: dnaLIMS Directory Traversal Exploit 
Category: remote exploits
Platform: linux
This module exploits a directory traversal vulnerability found in dnaLIMS. Due to the way the viewAppletFsa.cgi script handles the 'secID' parameter, it is possible to read a file outside the www directory.

# 0day.today @ http://0day.today/