Closed dune73 closed 4 years ago
This is a finding discovered via Burp and Wavsep by Damiano Esposito from Zurich University of Applied Sciences and Christian Folini, netnea.com.
GET /wavsep/active/LFI/LFI-Detection-Evaluation-GET-200Error/Case01-LFI-FileClass-FilenameContext-Unrestricted-OSPath-DefaultFullInput-AnyPathReq-Read.jsp?target=%2fopt%2ftomcat%2fwebapps%2fwavsep%2factive%2fLFI%2fLFI-Detection-Evaluation-GET-200Error%2f.%2fcontent.ini HTTP/1.1 Host: espomodsecurity Accept: */* Accept-Language: en User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0) Connection: close X-PL: 0 Referer: http://espomodsecurity/wavsep/active/LFI/LFI-Detection-Evaluation-GET-200Error/ Cookie: JSESSIONID=48BDE66262090C329859066F3E5A82C5; userinput=EmptyValue; info-cookie-no-http-only=test HTTP/1.1 200 OK Date: Sat, 11 Mar 2017 20:40:50 GMT Server: Apache-Coyote/1.1 X-Unique-ID: WMRg038AAQEAACp7JD4AAADV Content-Type: text/html;charset=ISO-8859-1 Set-Cookie: JSESSIONID=F53CBFCAF3EE13A5709B4C8E138EAEDD; Path=/wavsep; HttpOnly Content-Length: 4340 Connection: close # Logo Vulnerability Scanner Version Vendor License / Technology Last Update Source Code Activity 1 Acunetix WVS Free Edition 7.0 (GA) Build 20110711 Acunetix Freeware Unknown (Win32) 11-07-2011 2 aidSQL 02062011 (Beta) Build 255 Lynxec GPL2 PHP 02-02-2011 03-05-2011 Source Code ...
This issue has timed out as it has not received any update in over 2 years. If this is still a problem please open a new issue.
This is a finding discovered via Burp and Wavsep by Damiano Esposito from Zurich University of Applied Sciences and Christian Folini, netnea.com.