Bytes interactive Web shopper 1.0/2.0 - Directory Traversal
| EKU-ID: 25840 | CVE: CVE-2000-0922;OSVDB-432 | OSVDB-ID: |
| Author: f0bic | Published: 2000-10-08 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 25840 | CVE: CVE-2000-0922;OSVDB-432 | OSVDB-ID: |
| Author: f0bic | Published: 2000-10-08 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/1776/info Bytes Interactive Web Shopper is a XML based shopping cart application. The "newpage" variable does not properly check for insecure relative paths such as the double dot "..". The following URL request: http://target/cgi-bin/shopper.cgi?newpage=../../../path/filename.ext will yield the file specified. Successful exploitation could lead to a remote intruder gaining read access to any known file.