Exploitation Summary
EIP tracks 1 public exploit for CVE-2003-0277. PoCs published by Julio Cesar.
AI-analyzed exploit summary This exploit demonstrates a directory traversal vulnerability in Happymall E-Commerce, allowing an attacker to read arbitrary files on the system by manipulating the 'file' parameter in the URI. The vulnerability is due to insufficient input sanitization, enabling path traversal sequences like '../../'.
Description
Directory traversal vulnerability in normal_html.cgi in Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the file parameter.
Exploits (1)
This exploit demonstrates a directory traversal vulnerability in Happymall E-Commerce, allowing an attacker to read arbitrary files on the system by manipulating the 'file' parameter in the URI. The vulnerability is due to insufficient input sanitization, enabling path traversal sequences like '../../'.