Exploit Gattaca Server 2003 - Null Byte Full Path Disclosure

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
24284
Проверка EDB
  1. Пройдено
Автор
DR_INSANE
Тип уязвимости
WEBAPPS
Платформа
CGI
CVE
cve-2004-2518
Дата публикации
2004-07-15
Gattaca Server 2003 - Null Byte Full Path Disclosure
Код:
source: https://www.securityfocus.com/bid/10729/info

It is reported that Gattaca Server 2003 contains multiple path disclosure vulnerabilities.

By sending HTTP requests to Gattaca's web server, it is reportedly possible to cause the application to return error pages that contain the full installation path of the application and the web document root path.

These vulnerabilities could be used by an attacker to aid them in further attacks against the server.

Version 1.1.10.0 is reported vulnerable. Prior versions may also contain these vulnerabilities as well. 

http://www.example.com/%00
 
Источник
www.exploit-db.com

Похожие темы