- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 37889
- Проверка EDB
-
- Пройдено
- Автор
- LARRY CASHDOLLAR
- Тип уязвимости
- REMOTE
- Платформа
- LINUX
- CVE
- N/A
- Дата публикации
- 2012-09-26
YingZhiPython - Directory Traversal / Arbitrary File Upload
Код:
source: https://www.securityfocus.com/bid/55685/info
An attacker can exploit these issues to obtain sensitive information, to upload arbitrary code, and to run it in the context of the web server process.
YingZhiPython 1.9 is vulnerable; other versions may also be affected.
ftp://www.example.com/../../../../../../../private/etc/passwd- Источник
- www.exploit-db.com
