Simple Web Server File Disclosure Vulnerability

Simple Web Server does not properly sanitize web requests. By adding a slash-slash sequence ('//') to a URI, it is possible for an attacker to disclose files on the vulnerable web server, effectively bypassing any access controls.


 

Privacy Statement
Copyright 2010, SecurityFocus