4 matches found
Barnraiser Prairie OpenID idp: Directory traversal attack
The OpenID idp software "Barnraiser Prairie" http://www.barnraiser.org/prairie/ is vulnerable to directory traversal attacks: ./getfile.php does not limit the given path and allows directory traversal attacks with full public access to all images on the server. Example exploit:...
Barnraiser Prairie Directory Traversal
The OpenID idp software "Barnraiser Prairie" http://www.barnraiser.org/prairie/ is vulnerable to directory traversal attacks: ./getfile.php does not limit the given path and allows directory traversal attacks with full public access to all images on the server. Example exploit:...
Barnraiser Prairie - 'get_file.php' Directory Traversal
source: https://www.securityfocus.com/bid/60782/info Barnraiser Prairie is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can use specially crafted requests with directory-traversal sequences '../' to access arbitrary image...
Barnraiser Prairie - get_file.php Directory Traversal
Barnraiser Prairie - getfile.php Directory Traversal source: https://www.securityfocus.com/bid/60782/info Barnraiser Prairie is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can use specially crafted requests with...