ITAfrica WEBactive Directory Traversal Vulnerability

The following example has been provided by <slipy@b10z.net>:

http://target/../../../scandisk.log

^^ = Will obviously open the scandisk.log file.


 

Privacy Statement
Copyright 2010, SecurityFocus