Exploit FastStone 4in1 Browser 1.2 - Web Server Directory Traversal

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
25319
Проверка EDB
  1. Пройдено
Автор
DONATO FERRANTE
Тип уязвимости
REMOTE
Платформа
WINDOWS
CVE
cve-2005-0950
Дата публикации
2005-03-29
Код:
source: https://www.securityfocus.com/bid/12937/info

A vulnerability has been identified in the handling of certain types of requests by the 4in1 Browser Web server. Because of this, it is possible for an attacker to gain access to potentially sensitive system files.

This issue could be exploited to gain read access to files on a host using the vulnerable software. Read privileges granted to these files would be restricted by the permissions of the web server process.

This vulnerability is reported to affect FastStone 4in1 Browser version 1.2, previous versions might also be affected. 

http://www.example.com/.../.../.../.../.../.../windows/system.ini
http://www.example.com/..\..\..\..\..\..\..\..\windows/system.ini
 
Источник
www.exploit-db.com

Похожие темы