TUCoPS :: HP Unsorted M :: c07-2304.htm

Miniwebsvr 0.0.6 - Directory traversal
Miniwebsvr 0.0.6 - Directory traversal
Miniwebsvr 0.0.6 - Directory traversal


Hello!

Miniwebsvr 0.0.6 suffers from a directory traversal flaw.

"Exploit" :

http://yoursite/..%00 


Attack vector seems limited as you're only able to list one level down.

Cheers,

Daniel Nystr=F6m, daniel.nystrom@xored.net 
Fredrik Wessberg, fredd3@hotmail.com

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH