Exploit Easy File Sharing Web Server 3.2 - Full Path Request Arbitrary File Upload

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
27378
Проверка EDB
  1. Пройдено
Автор
REVNIC VASILE
Тип уязвимости
REMOTE
Платформа
WINDOWS
CVE
cve-2006-1161
Дата публикации
2006-03-09
Код:
source: https://www.securityfocus.com/bid/17046/info
 
Easy File Sharing Web Server is prone to multiple input-validation vulnerabilities. The application fails to properly sanitize user-supplied input before using it in dynamically generated content. 
 
The issues include HTML-injection, denial-of-service, and arbitrary file-upload vulnerabilities.
 
An attacker can exploit these issues to steal cookie-based authentication credentials, control how the site is rendered to the user, cause the application to crash, and facilitate a compromise of the underlying computer.

http://www.example.com/disk_c/Documents%20and%20Settings/All%20Users/Start%20Menu/Programs/Startup
 
Источник
www.exploit-db.com

Похожие темы