Описание
Multiple directory traversal vulnerabilities in Web Wiz Forums 9.07 and earlier allow remote attackers to list arbitrary directories, and .txt and .zip files, via a .....\\ in the sub parameter to (1) RTE_file_browser.asp or (2) file_browser.asp.
Multiple directory traversal vulnerabilities in Web Wiz Forums 9.07 and earlier allow remote attackers to list arbitrary directories, and .txt and .zip files, via a .....\\ in the sub parameter to (1) RTE_file_browser.asp or (2) file_browser.asp.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-0480
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39856
- https://www.exploit-db.com/exploits/4970
- http://secunia.com/advisories/28601
- http://securityreason.com/securityalert/3589
- http://www.bugreport.ir/?/29
- http://www.securityfocus.com/archive/1/486866/100/0/threaded
- http://www.securityfocus.com/bid/27419
- http://www.securitytracker.com/id?1019266
- http://www.webwizguide.com/webwizforums/kb/release_notes.asp
Связанные уязвимости
nvd
около 18 лет назад
Multiple directory traversal vulnerabilities in Web Wiz Forums 9.07 and earlier allow remote attackers to list arbitrary directories, and .txt and .zip files, via a .....\\\ in the sub parameter to (1) RTE_file_browser.asp or (2) file_browser.asp.