xinkaa Web station 1.0.3 - Directory Traversal Vulnerability

2005-02-21T00:00:00
ID EDB-ID:25133
Type exploitdb
Reporter Luigi Auriemma
Modified 2005-02-21T00:00:00

Description

Xinkaa WEB Station 1.0.3 Directory Traversal Vulnerability. Remote exploits for multiple platform

                                        
                                            source: http://www.securityfocus.com/bid/12606/info

A vulnerability has been identified in the handling of certain types of requests by Xinkaa WEB Station. Because of this, it is possible for an attacker to gain access to potentially sensitive system files.

Read privileges granted to these files would be restricted by the permissions of the web server process.

http://www.example.com/../../../file
http://www.example.com/..\..\..\file