reget deluxe 3.0 build 121 - Directory Traversal

EDB-ID:

23872

CVE:

N/A


Author:

snifer

Type:

webapps


Platform:

JSP

Date:

2004-03-22


source: https://www.securityfocus.com/bid/9951/info

It has been reported that ReGet may be prone to a directory traversal vulnerability that may allow remote attackers to upload files to arbitrary locations on a target system. The attacker may supply encoded directory traversal sequences in the URI parameter so that the requested file is saved outside of the default download directory specified by the user.

ReGet Deluxe 3.0 build 121 has been reported to be prone to this issue, however, other versions could be affected as well.

/support/download.jsp?filename=..%2F ..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fshadow