exploit-db-mirror/exploits/asp/webapps/29357.txt
Offensive Security d304cc3d3e DB: 2017-11-24
116602 new exploits

Too many to list!
2017-11-24 20:56:23 +00:00

9 lines
No EOL
550 B
Text

source: http://www.securityfocus.com/bid/21786/info
Hosting Controller is prone to a directory-traversal vulnerability because the application fails to properly sanitize user-supplied input.
An attacker can exploit this issue to modify or retrieve arbitrary files in the context of the webserver process. This may aid in further attacks.
This issue affects version 7C; earlier versions may also be vulnerable.
http://www.example.com/FolderManager/FolderManager.aspx?BrowseLevel=1&BrowsePath=[SITE NORMAL PATH]\..\..\..\..\program%20files