- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 20829
- Проверка EDB
-
- Пройдено
- Автор
- NEME-DHC
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- cve-2001-0557
- Дата публикации
- 2001-05-07
Код:
source: https://www.securityfocus.com/bid/2703/info
It is possible for a remote user to traverse the directories of a host running Jana Server. Submitting a specially crafted URL using hex encoded 'double dot' sequences will reveal arbitrary directories. In addition to revealing directories, this vulnerability could enable a user to obtain the contents of files readable by the webserver user.
www.example.com/%2e%2e/%2e%2e/
www.example.com/%2e%2e/%2e%2e/filename- Источник
- www.exploit-db.com
