Seanox DevWex Windows Binary 1.2002.520 - File Disclosure

EDB-ID:

21530




Platform:

Windows

Date:

2002-06-08


source: https://www.securityfocus.com/bid/4978/info

The Seanox DevWex Windows binary version is prone to an issue which may cause arbitrary web-readable files to be disclosed to remote attackers. This problem occurs because DevWex does not sufficiently filter '..\' sequences from web requests. 

GET /..\..\..\..\anyfile