Doufox Path Traversal Vulnerability in File Listing Functionality

Vulnerability

A path traversal vulnerability affects Doufox versions up to and including 0.2.0. It lies in the file listing functionality reached through the URL '/?s=doudou&c=file&a=list'. The 'dir' parameter selects the directory to list but is not confined to the intended base directory, so an attacker can supply traversal sequences in it and reach directories and files outside that location. The vulnerability is exploitable remotely but requires an authenticated account.
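The request shape above gives a detection engineer something concrete to hunt for in web-server access logs. The following Python is an added example, not part of the original advisory and not Doufox code: it parses combined-format log lines, keeps only 'c=file&a=list' requests, percent-decodes the 'dir' value repeatedly so double-encoded forms are caught, and flags traversal. The log lines are constructed for the example; the path and parameter names come from the advisory and nothing else about Doufox's behaviour is assumed.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (combined log format); not real Doufox traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [09/Jun/2025:19:46:01 +0000] "GET /?s=doudou&c=file&a=list&dir=upload HTTP/1.1" 200 1532
10.0.0.5 - - [09/Jun/2025:19:46:09 +0000] "GET /?s=doudou&c=file&a=list&dir=../../../../ HTTP/1.1" 200 4410
10.0.0.5 - - [09/Jun/2025:19:46:15 +0000] "GET /?s=doudou&c=file&a=list&dir=%2e%2e%2f%2e%2e%2fetc HTTP/1.1" 200 2201
10.0.0.5 - - [09/Jun/2025:19:46:22 +0000] "GET /?s=doudou&c=file&a=list&dir=..%252f..%252f HTTP/1.1" 200 2201
10.0.0.7 - - [09/Jun/2025:19:47:02 +0000] "GET /?s=doudou&c=index&a=index HTTP/1.1" 200 812
"""

# ip, timestamp, method, request target and status from a combined-format line.
REQ_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# A '..' path segment, with either separator, anywhere in the value.
TRAVERSAL_RE = re.compile(r'(^|[\\/])\.\.([\\/]|$)')


def fully_decode(value, rounds=3):
    """Percent-decode until the value stops changing (bounded), so '..%252f' is seen as '../'."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def is_traversal(dir_value):
    """True if the 'dir' value contains a '..' segment or is an absolute path after decoding."""
    d = fully_decode(dir_value).replace('\\', '/')
    return bool(TRAVERSAL_RE.search(d)) or d.startswith('/')


def find_traversal_attempts(log_text):
    """Return (ip, timestamp, dir_value) for each file-listing request with a traversing 'dir'."""
    hits = []
    for line in log_text.splitlines():
        m = REQ_RE.match(line)
        if not m:
            continue
        query = parse_qs(urlsplit(m['target']).query, keep_blank_values=True)
        # Only the file listing action from the advisory is of interest here.
        if query.get('c') != ['file'] or query.get('a') != ['list']:
            continue
        for d in query.get('dir', []):
            if is_traversal(d):
                hits.append((m['ip'], m['ts'], d))
    return hits


if __name__ == "__main__":
    for ip, ts, d in find_traversal_attempts(SAMPLE_LOG):
        print(f"{ts} {ip} dir={d!r}")
```

The decoding loop is bounded rather than open-ended so a pathological value cannot keep the parser busy; three rounds cover single and double encoding, which is what is seen in practice. A 'dir' value that is absolute is also flagged, since a naive join would treat it as replacing the base directory.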

Impact

An authenticated attacker who reaches the file listing with a traversed 'dir' value can enumerate directories outside the intended location and, through the file operations the same functionality offers, read, modify, download or delete arbitrary files that the web server process can access. The result is unauthorized exposure or manipulation of data on the server.

Reproduction

Log in to the application and open the file listing feature at '/?s=doudou&c=file&a=list'. Set the 'dir' parameter to a path containing traversal sequences such as '../' (repeated enough times to climb out of the base directory) and observe that the listing shows directories and files outside the intended location. From there, an authenticated user can use the listing's file operations to read, modify, download or delete files on the server.
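What the fix looks like. Doufox is a PHP application; the example below is Python, chosen so it runs stand-alone here, and it is not the project's code or patch. It contrasts the vulnerable pattern (joining the user-supplied 'dir' onto the base directory and listing the result) with a hardened version that canonicalises the path with realpath() and refuses anything that resolves outside the base, then exercises both against a constructed directory layout, including a symlink inside the allowed tree that points outside it.

```python
import os
import tempfile
from pathlib import Path


class TraversalError(ValueError):
    """Raised when a user-supplied 'dir' would resolve outside the base directory."""


def list_dir_vulnerable(base, user_dir):
    # Vulnerable pattern: the user value is joined onto the base directory and
    # used as-is, so '../' segments walk out of 'base'.
    return sorted(os.listdir(os.path.join(base, user_dir)))


def safe_resolve(base, user_dir):
    """Return the canonical path for user_dir under base, or raise TraversalError.

    realpath() collapses '.', '..' and symlinks, so the containment check is
    made on the path the OS would actually open, not on the raw string.
    """
    base_real = os.path.realpath(base)
    # A leading separator would otherwise make os.path.join discard base.
    relative = user_dir.lstrip("/\\")
    candidate = os.path.realpath(os.path.join(base_real, relative))
    # Compare with a trailing separator so '/srv/upload_old' is not accepted
    # as being inside '/srv/upload'.
    if candidate != base_real and not candidate.startswith(base_real + os.sep):
        raise TraversalError(f"{user_dir!r} resolves outside {base_real}")
    return candidate


def is_contained(base, user_dir):
    """Boolean form of safe_resolve, convenient for tests and logging."""
    try:
        safe_resolve(base, user_dir)
        return True
    except TraversalError:
        return False


def list_dir_hardened(base, user_dir):
    return sorted(os.listdir(safe_resolve(base, user_dir)))


def demo():
    # Constructed layout (not a Doufox install): only <tmp>/app/upload may be listed.
    root = Path(tempfile.mkdtemp())
    upload = root / "app" / "upload"
    upload.mkdir(parents=True)
    (upload / "a.txt").write_text("public")
    (root / "secret.conf").write_text("db_pass=...")
    # A symlink inside the allowed tree that points outside it.
    link = upload / "escape"
    try:
        link.symlink_to(root)
        have_link = True
    except (OSError, NotImplementedError):
        have_link = False

    results = {"vulnerable_listing": list_dir_vulnerable(str(upload), "../../")}
    results["hardened_listing"] = list_dir_hardened(str(upload), ".")
    for label, value in (("dotdot", "../../"), ("absolute_dotdot", "/../../")):
        try:
            list_dir_hardened(str(upload), value)
            results[label] = "allowed"
        except TraversalError:
            results[label] = "blocked"
    if have_link:
        try:
            list_dir_hardened(str(upload), "escape")
            results["symlink"] = "allowed"
        except TraversalError:
            results["symlink"] = "blocked"
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The same shape applies in PHP: canonicalise with realpath() and test that the result starts with the canonical base plus a separator, rejecting a false return (non-existent path) as well. Checking the string for '..' before canonicalisation is not a substitute, because encoded and symlinked escapes do not contain it.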

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread          0.0
impact         10.0
exploitability  4.6
remediation     0.0
relevance       0.0
threat          6.4
urgency         2.9
incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.