Exploitation Summary
EIP tracks 1 public exploit for CVE-2001-1115. PoCs published by Hannibal Lector.
AI-analyzed exploit summary This exploit demonstrates a directory traversal vulnerability in SIX-webboard 2.01, allowing unauthorized file access via manipulated input in the 'content' parameter. The PoC uses '../' sequences to traverse directories and a null byte to terminate the path.
Description
generate.cgi in SIX-webboard 2.01 and before allows remote attackers to read arbitrary files via a dot dot (..) in the content parameter.
Exploits (1)
This exploit demonstrates a directory traversal vulnerability in SIX-webboard 2.01, allowing unauthorized file access via manipulated input in the 'content' parameter. The PoC uses '../' sequences to traverse directories and a null byte to terminate the path.