- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 20277
- Проверка EDB
-
- Пройдено
- Автор
- PESTILENCE
- Тип уязвимости
- REMOTE
- Платформа
- CGI
- CVE
- cve-2000-0924
- Дата публикации
- 2000-07-18
Код:
source: https://www.securityfocus.com/bid/1772/info
Master Index is a commercially supported search engine. Certain versions of this software ship with a path traversal vulnerability. This is to say that a remote user may 'back out' (.../) of the web root directory and view/download any file which the user who is running Master Index has permission to read.
Example:
http://www.target.com/cgi-bin/search/search.cgi?keys=*&prc=any&catigory=../../../../../.. ../../etc- Источник
- www.exploit-db.com
