Exploit Hosting Controller 1.x - 'Browse.asp' File Disclosure

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
21464
Проверка EDB
  1. Пройдено
Автор
BAO DAI NHAN
Тип уязвимости
WEBAPPS
Платформа
ASP
CVE
cve-2002-0775
Дата публикации
2002-05-19
Код:
source: https://www.securityfocus.com/bid/4778/info

Hosting Controller is an application which consolidates all hosting tasks into one interface. Hosting Controller runs on Microsoft Windows operating systems.

The 'browse.asp' script is prone to an issue which may allow a remote attacker to view the contents of arbitrary files and directories. The attacker must provide a malicious value as a URL parameter in a request for the affected script, which will be read with the privileges of the web server process. 

http://target/admin/browse.asp?FilePath=c:\&Opt=2&level=0
 
Источник
www.exploit-db.com

Похожие темы