- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 20825
- Проверка EDB
-
- Пройдено
- Автор
- TOM TOM
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- null
- Дата публикации
- 2001-02-17
Код:
source: https://www.securityfocus.com/bid/2697/info
It is possible for an attacker to traverse the web folders of a Savant HTTP Server. Submitting a URL referring to a known directory or file, and appended with specific unicode characters, will disclose the contents of the requested resource. The unicode character in question is '%2f..'. This vulnerability could allow the reading of files on the target system.
http://example.com/%2f..%2f..%2f../filename- Источник
- www.exploit-db.com
