Markus Triska CGIForum 1.0 - "thesection" Directory Traversal Vulnerability

ID EDB-ID:20408
Type exploitdb
Reporter zorgon
Modified 2000-11-20T00:00:00


Markus Triska CGIForum 1.0 "thesection" Directory Traversal Vulnerability. CVE-2000-1171. Remote exploit for cgi platform

                                            source :

CGIForum is a commercial cgi script from Markus Triska which is designed to facilitate web-based threaded discussion forums.

The script improperly validates user-supplied input to the "thesection" parameter. If an attacker supplies a carefully-formed URL contaning '/../' sequences as argument to this parameter, the script will traverse the normal directory structure of the application in order to find the specified file. As a result, it is possible to remotely view arbitrary files on the host which are readable by user 'nobody'.