Virtual Vision FTP Browser Vulnerability

The Virtual Visions FTP Browser is a CGI script that provides an HTML interface to files that you have available to download. By submitting a request to the script containing the special directory traversal characters it is possible to access any directory on the filesystem. For example:

http://www.server.com/cgi-bin/ftp/ftp.pl?dir=../../../../../../etc


 

Privacy Statement
Copyright 2010, SecurityFocus