
Vulnerability Description: The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
How to Exploit:
1. Go to the site (http://74.124.215.220/~config/demo/cab_booking/)

2. Open Burp Suite, then intercept the traffic and spider the site.

3. Now use the Burp search option and search for "jpg" or "png".

4. Now pick any link and select "Show response in browser".

5. Then delete the last part of the URL (everything after the last forward slash), e.g. http://74.124.215.220/~config/demo/cab_booking/uploads/category/

6. You will get the full list of files in that directory (directory listing).
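The fix on the server side is to serve uploaded images only through a handler that confines every request to the upload root and refuses directory requests outright, so that stripping the filename (step 5) returns nothing instead of a listing. The following is an added example of such a handler, not code from the original post or the affected application; the upload root path and the image-only whitelist are assumptions.

```python
import posixpath
from typing import Optional
from urllib.parse import unquote

# Hypothetical restricted parent directory for uploaded images (not from the page).
UPLOAD_ROOT = "/var/www/cab_booking/uploads"
# Only image files are expected under the upload directory.
ALLOWED_EXT = {".jpg", ".jpeg", ".png"}


def resolve_upload_path(url_path: str) -> Optional[str]:
    """Map the part of the URL after '/uploads/' to a file under UPLOAD_ROOT.

    Returns the confined filesystem path, or None when the request must be
    rejected: traversal outside the root, a directory request (trailing slash
    or empty name), double encoding, NUL bytes, backslashes, or a non-image
    extension.
    """
    # Decode percent-encoding exactly once; anything still encoded afterwards
    # is a double-encoding attempt and is refused rather than decoded again.
    decoded = unquote(url_path)
    if "%" in decoded or "\x00" in decoded or "\\" in decoded:
        return None
    # A directory request (e.g. 'category/') is what produced the listing.
    if decoded.endswith("/"):
        return None
    # Normalise '.' and '..' components lexically (no filesystem access),
    # then reject anything that would climb above the upload root.
    relative = posixpath.normpath(decoded.lstrip("/"))
    if relative in ("", ".") or relative.startswith(".."):
        return None
    # Whitelist the extension so config files and scripts are never served.
    if posixpath.splitext(relative)[1].lower() not in ALLOWED_EXT:
        return None
    return posixpath.join(UPLOAD_ROOT, relative)
```

Pair this with `Options -Indexes` (Apache) or `autoindex off` (nginx) on the upload directory so that a request for the bare directory is also denied at the web server layer.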

