It is reported that WebLibs is prone to a remote directory traversal vulnerability. This issue is due to a failure of the application to properly filter user-supplied input.
WebLibs 1.0 is affected by this vulnerability.
The following proof of concept is available:
<INPUT type=hidden value="/../../../../../etc/passwd" name="TextFile">
WebLibs contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. The issue is due to the weblibs.pl script not properly sanitizing user input, specifically traversal-style sequences (../../) supplied via the TextArea variable (which is a hidden <INPUT> field in the form).
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.
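The missing server-side check described above can be sketched as follows. This is an added example, not code from weblibs.pl or from the advisory: the form value is resolved against a fixed base directory and refused unless the canonical path stays inside it. The function name, the temporary base directory and the sample values other than the proof-of-concept string are assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Cwd qw(realpath);
use File::Temp qw(tempdir);

# Hypothetical helper: map a client-supplied file name to a canonical path
# under $base, or return nothing if it escapes, is malformed, or is not a file.
# A hidden <INPUT> field is still client-controlled, so it is treated as hostile.
sub resolve_under_base {
    my ($base, $requested) = @_;
    return unless defined $requested && length $requested;
    return if $requested =~ /\0/;            # embedded NUL bytes are never valid

    my $real_base = eval { realpath($base) };
    return unless defined $real_base;

    # Plain concatenation on purpose: realpath() collapses every ../ and
    # follows symlinks, so the comparison below sees the real target.
    my $candidate = eval { realpath("$real_base/$requested") };
    return unless defined $candidate;

    # Compare with a trailing separator so "/base-other" cannot pass as "/base".
    return unless index($candidate, "$real_base/") == 0;
    return unless -f $candidate;             # regular files only
    return $candidate;
}

# Constructed demo data: a throwaway base directory with one readable file.
my $base = tempdir(CLEANUP => 1);
open my $fh, '>', "$base/notes.txt" or die "cannot create sample file: $!";
print {$fh} "sample content\n";
close $fh;

# The second value is the proof-of-concept string from this page;
# the others are constructed for the demo.
for my $value ('notes.txt', '/../../../../../etc/passwd',
               './notes.txt', '../notes.txt') {
    my $path = resolve_under_base($base, $value);
    printf "%-30s %s\n", $value, defined $path ? 'served' : 'rejected';
}
```

Canonicalizing first and comparing afterwards is what matters here: stripping `../` from the raw string leaves encoded or nested variants to deal with, while a prefix check on the resolved path does not depend on how the traversal was spelled.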