QwikSec

Security Database

CVE

CWE

Training

CVE-2006-6865

Published: Jan 4, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Directory traversal vulnerability in SAFileUpSamples/util/viewsrc.asp in SoftArtisans FileUp (SAFileUp) 5.0.14 allows remote attackers to read arbitrary files via a %c0%ae. (Unicode dot dot) in the path parameter, which bypasses the checks for ".." sequences.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_BID

exploit

x_refsource_EXPLOIT-DB

20061230 SoftArtisans FileUp(TM) viewsrc.asp remote script source disclosure exploit

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_VUPEN

http://ingehenriksen.blogspot.com/2006/12/softartisans-fileup-viewsrcasp-remote.html

x_refsource_MISC

third-party-advisory

x_refsource_SREASON

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.