BRS Webweaver 1.0 1 - MKDir Directory Traversal
| EKU-ID: 27633 | CVE: | OSVDB-ID: |
| Author: euronymous | Published: 2003-01-10 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 27633 | CVE: | OSVDB-ID: |
| Author: euronymous | Published: 2003-01-10 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/6585/info WebWeaver's FTP component has a flaw which can permit a remote user to create directories outside the FTP root. By executing the mkdir command on an ftp server with dot-dot-slash (..\) directory traversal notation, an attacker can create a directory outside of the FTP root. mkdir ..\[directoryname]