Directory Traversal Vulnerability in MyBackup by MyBackup Technologies
CVE-2009-4978

Currently unrated

Key Information:

Vendor: Tufat
Status: Mybackup
Vendor: CVE Published:; 25 August 2010

What is CVE-2009-4978?

A directory traversal vulnerability exists in the MyBackup 1.4.0 product, specifically within the down.php script. This flaw enables remote attackers to manipulate the filename parameter, using the '../' sequence to access and read arbitrary files on the server. Such unauthorized access can lead to exposure of sensitive data, raising significant security concerns for the affected systems.

References

http://www.exploit-db.com/exploits/9365

exploitx_refsource_EXPLOIT-DB

http://www.vupen.com/english/advisories/2009/2165

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/36106

third-party-advisoryx_refsource_SECUNIA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 25, 2010
Vulnerability Reserved
Aug 25, 2010

Tufat

What is CVE-2009-4978?

References

Timeline