The daemon for GeneWeb before 4.09 does not properly handle requested paths, which allows remote attackers to read arbitrary files via a crafted URL.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| geneweb | geneweb | 4.06 |
| geneweb | geneweb | 4.08 |
| geneweb | geneweb | 4.05 |
| geneweb | geneweb | 4.07 |