5 lines
No EOL
506 B
Text
Executable file
5 lines
No EOL
506 B
Text
Executable file
source: http://www.securityfocus.com/bid/2025/info
|
|
|
|
Novell NetWare Web Server 2.x versions came with a CGI written in BASIC called convert.bas. This script allows retrieval of files outside of the normal web server context. This can be accomplished simply by submitting the filename and path as a parameter to the script, using relative paths (../../) to traverse directories. Access may or may not be limited to the SYS: volume.
|
|
|
|
http://targethost/scripts/convert.bas?../../anything/you/want/to/view |