CVE-2019-14322

This exploit demonstrates a path traversal vulnerability in Pallets Werkzeug prior to 0.15.5 on Windows systems. It leverages the mishandling of drive names in Windows pathnames to access arbitrary files via SharedDataMiddleware.

This repository contains a functional exploit for CVE-2019-14322, a path traversal vulnerability in Pallets Werkzeug (affecting Odoo). The exploit sends crafted HTTP requests to read sensitive Windows files via the `SharedDataMiddleware` component.

This repository contains an Nmap NSE script designed to detect CVE-2019-14322, a path traversal vulnerability in Pallets Werkzeug's SharedDataMiddleware on Windows systems. The script attempts to read `c:/windows/win.ini` as a proof of concept to confirm the vulnerability.

This repository contains a Python script that scans for CVE-2019-14322, a directory traversal vulnerability in Pallets Werkzeug. The script checks for the presence of the vulnerability by attempting to read a known file (c:/windows/win.ini) via crafted URLs.