[Owasp-leaders] Exploiting dot-dot-slash

• Previous message: [Owasp-leaders] [OWASP-wiki-editors] OWASP Wiki update- awesome editing features
• Next message: [Owasp-leaders] email verification
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi guys,
Thought I should share this small write up on dot-dot-slash attacks in the
wild.

https://www.alien-within.com/wordpress-plugin-membership-simplified-v1-58-arbitrary-file-download/

Kind Regards,
-- 
Munir Njenga,
OWASP Chapter Leader (Kenya) || Information Security Consultant || Developer
Mob   (KE) +254 (0) 734960670

=============================
Chapter Page: www.owasp.org/index.php/Kenya
Email: munir.njiru at owasp.org
Facebook: https://www.facebook.com/OWASP.Kenya
Mailing List: https://lists.owasp.org/mailman/listinfo/owasp-Kenya
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20170316/0e83dd13/attachment.html>

• Previous message: [Owasp-leaders] [OWASP-wiki-editors] OWASP Wiki update- awesome editing features
• Next message: [Owasp-leaders] email verification
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]