Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HTTP directory traversal vulnerability #17

Closed
masked-owl opened this issue Feb 29, 2024 · 2 comments
Closed

HTTP directory traversal vulnerability #17

masked-owl opened this issue Feb 29, 2024 · 2 comments
Assignees
@dubyte

Comments

@masked-owl
Copy link

Security issue, server allows directory transversal with a crafted URL.
Example of Vulnerable URL: http://localhost:8100/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd
@dubyte
Copy link
Owner

dubyte commented Mar 12, 2024

Thanks for reporting this I will check this out.

@dubyte dubyte self-assigned this Mar 12, 2024
@dubyte dubyte mentioned this issue Mar 12, 2024
Merged
dubyte added a commit that referenced this issue Mar 12, 2024
@dubyte
Merge pull request #18 from dubyte/fix_http_trasversal_vulnerability
fd30c64 
fix: http trasversal vulnerability #17
@dubyte
Copy link
Owner

dubyte commented Mar 12, 2024

Thank you again; this is fixed now on the new version.

@dubyte dubyte closed this as completed Mar 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dubyte dubyte

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dubyte @masked-owl