SIX-webboard does not adequately validate user input thereby permitting directory traversal

Overview SIX-webboard does not adequately validate user input, allowing directory traversal. Description SIX-webboard 2.01 does not adequately validate the "content" CGI variable, allowing directory traversal out of SIX-webboard's content root directory. Attackers may exploit this vulnerability t...

CVE-2001-1115

generate.cgi in SIX-webboard 2.01 and before allows remote attackers to read arbitrary files via a dot dot .. in the content parameter...

SIX-webboard 2.01 "show files" vulnerability

a little bit late, but "it's better late than never"! -------------- PoizonB0x Advisory1 pb0x-07-07-2001 - --------------- -NAME: SIX-webboard 2.01 "show files" vulnerability. -DESCRIPTION: Little, but very popular webboard coded by Pipo [email protected]. Find more information about the...

CVE-2001-1115

generate.cgi in SIX-webboard 2.01 and before allows remote attackers to read arbitrary files via a dot dot .. in the content parameter...