Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:29593
HistoryJul 15, 2013 - 12:00 a.m.

Barnraiser Prairie OpenID idp: Directory traversal attack

2013-07-1500:00:00
vulners.com
24

The OpenID idp software "Barnraiser Prairie"
http://www.barnraiser.org/prairie/ is vulnerable to directory traversal attacks:

./get_file.php does not limit the given path and allows directory traversal attacks with full public access to all images on the server.

Example exploit:
get_file.php?avatar=…&width=…/…/…/…/…/…/…/…/usr/share/apache2/icons/apache_pb.png