10 lines
No EOL
655 B
Text
10 lines
No EOL
655 B
Text
source: https://www.securityfocus.com/bid/44510/info
|
|
|
|
212cafe WebBoard is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
|
|
|
|
Remote attackers can use a specially crafted request with directory-traversal sequences ('../') to retrieve and read arbitrary files in the context of the webserver. Information harvested may aid in launching further attacks.
|
|
|
|
212cafe WebBoard 2.90 beta is vulnerable; other versions may also be affected.
|
|
|
|
http://www.example.com/webboard/view.php?topic=../../../../../../etc/passwd%00
|
|
http://www.example.com/webboard/view.php?topic=../../../../../../WINDOWS/system32/eula |