Power Up HTML 0.8033 beta - Directory Traversal Arbitrary File Disclosure Vulnerability

2001-09-07T00:00:00
ID EDB-ID:21102
Type exploitdb
Reporter Steve Shepherd
Modified 2001-09-07T00:00:00

Description

Power Up HTML 0.8033 beta Directory Traversal Arbitrary File Disclosure Vulnerability. CVE-2001-1138. Remote exploit for cgi platform

                                        
                                            source: http://www.securityfocus.com/bid/3304/info

Power Up HTML is a set of HTML-like commands that can be placed into web pages. It provides a central routing point to simplify programming and customization of CGI scripts.

A vulnerability exists in Power Up HTML which allows directory traversal through the web server using ../ strings in a CGI request. This directory traversal can be used to view or execute arbitrary files on the webserver to which the web service has permissions. Failure to filter metacharacters from HTTP requests can allow user-supplied values to run. 

http://www.target.com/cgi-bin/powerup/r.cgi?FILE=../../../../../etc/passwd