########################## WwW.BugReport.ir
####################
-POC:
http://[WebWiz Forum]/RTE_file_browser.asp?look=&sub=\…\\\…\\\…\\\
####################
Fast Solution:
####################
The following lines appear in "RTE_file_browser.asp" and "file_browser.asp":
'Stip path tampering for security reasons
strSubFolderName = Replace(strSubFolderName, "../", "", 1, -1, 1)
strSubFolderName = Replace(strSubFolderName, "..\", "", 1, -1, 1)
strSubFolderName = Replace(strSubFolderName, "./", "", 1, -1, 1)
strSubFolderName = Replace(strSubFolderName, ".\", "", 1, -1, 1)
Add only these lines to them:
strSubFolderName = Replace(strSubFolderName, "/", "\", 1, -1, 1)
strSubFolderName = Replace(strSubFolderName, "\\", "\", 1, -1, 1)
strSubFolderName = Replace(strSubFolderName, "…", "", 1, -1, 1)
####################
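The Replace lines above extend a blacklist of substrings. A sturdier check resolves the requested folder and decides on the resolved path. The sketch below is an added example, not code from the forum or from the advisory; it models Windows path rules with Python's ntpath, and UPLOAD_ROOT, resolve_subfolder and the sample values are assumptions made for illustration.

```python
import ntpath  # Windows path rules on any OS, matching an IIS/ASP host

# Constructed example root (assumption), not a path from the forum's code.
UPLOAD_ROOT = r"C:\inetpub\wwwroot\forum\uploads"


def resolve_subfolder(sub, root=UPLOAD_ROOT):
    """Return the absolute folder for `sub`, or None if it leaves `root`."""
    # NUL bytes and ":" (drive letters, alternate data streams) never
    # belong in a folder name chosen through a file browser.
    if "\x00" in sub or ":" in sub:
        return None
    # Treat both separators alike and drop leading ones, so the value is
    # always interpreted relative to the root (never rooted or UNC).
    rel = sub.replace("/", "\\").lstrip("\\")
    # Win32 trims trailing dots and spaces from a segment, so a name such
    # as "..." may not mean what a string filter assumes. Refuse those.
    for seg in rel.split("\\"):
        if seg not in ("", ".", "..") and seg[-1] in ". ":
            return None
    root_abs = ntpath.normpath(root)
    candidate = ntpath.normpath(ntpath.join(root_abs, rel))
    # Decide on the resolved path, case-insensitively, with a trailing
    # separator so "uploads_private" is not mistaken for "uploads".
    inside = (candidate.lower() + "\\").startswith(root_abs.lower() + "\\")
    return candidate if inside else None


# Constructed sample values for the "sub" parameter.
SAMPLES = ["", "images/2008", r"images\..\avatars", r"..\..\web.config",
           r"..\uploads_private", r"D:\data", r"images\...\x"]

if __name__ == "__main__":
    for s in SAMPLES:
        print(repr(s), "->", resolve_subfolder(s))
```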