How to prevent absolute path traversal in EasyPHP Webserver 14.1

In the EasyPHP Webserver 14.1 software, there is an Absolute Path Traversal vulnerability in the dashboard index.php page.
https://www.exploit-db.com/exploits/51430
I reviewed the source code and tried to look for the vulnerable code but I…

Uploading webshell in ASP.net application using directory-traversal and file-upload vulnerability

On my target site, I found two vulnerabilities: unrestricted file upload (to any directory) and directory traversal. I have two endpoints:
1- site.com/fileUp : uploads file
{
---Request Parameters---
file_data=<file>
file_name=123…

Checking if an arbitrary file exists on the server can be considered Path Traversal?

I ran a SAST Analysis on a project I’m working on and the tool reports the following snippet as a Relative Path Traversal vulnerability (CWE-23):
[Authorize]
[HttpPut("exists")]
public async Task<IActionResult> FileExists([…

Confirming File upload directory traversal without knowing upload path or being able to retrieve the uploaded file?

I am faced with a file upload functionality. We can upload docs and PNGs but cannot view them.
I have tested for several things so far and now would like to test for directory traversal via file name.
I.e. if I can upload/replace files i…