Pacific Software URL Live! 1.0 - Directory Traversal

EDB-ID:

19568


Author:

UNYUN

Type:

remote


Platform:

Windows

Date:

1999-10-28


source: https://www.securityfocus.com/bid/746/info

The URL Live! free webserver from Pacific software is susceptible to the "../" directory traversal vulnerability. By using the '../' string in a URL, an attacker can gain read access to files outside the intended web file structure. 

Example:
http ://xyz.com/../../../config.sys