Exploitation Summary
EIP tracks 1 public exploit for CVE-2007-2747. PoCs published by Jesus Roncero.
AI-analyzed exploit summary The exploit describes a directory traversal vulnerability in rdiffWeb 0.3.5, allowing attackers to retrieve arbitrary files by manipulating the 'path' parameter. The provided URL demonstrates the attack vector but lacks executable code.
Description
Directory traversal vulnerability in rdw_helpers.py in rdiffWeb before 0.3.5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter to the /browse URI.
Exploits (1)
The exploit describes a directory traversal vulnerability in rdiffWeb 0.3.5, allowing attackers to retrieve arbitrary files by manipulating the 'path' parameter. The provided URL demonstrates the attack vector but lacks executable code.