• info
• discussion
• exploit
• solution
• references

CGIScript.net CSFAQ Script Path Disclosure Vulnerability

No exploit is required.

The following proof of concept is available:
http://www.example.com/cgi-script/csFAQ/csFAQ.cgi?command=viewFAQ&database=/.darkbicho