Page 1 of 1

URL Vulnerabilities

Posted: Fri Aug 28, 2009 7:01 am
by Daz
Other than ./ and ../ can anything else be used to relatively browse directory trees?

Re: URL Vulnerabilities

Posted: Fri Aug 28, 2009 7:15 am
by mrvijayakumar
Give full URL. This is another option,

ex: http://www.yourdomain.com/directory/

Re: URL Vulnerabilities

Posted: Fri Aug 28, 2009 7:17 am
by Daz
mrvijayakumar wrote:Give full URL. This is another option,

ex: http://www.yourdomain.com/directory/
I gotcha, I'm just trying to think of possible attack vectors not-so-nice people could use on my domain.

Re: URL Vulnerabilities

Posted: Fri Aug 28, 2009 7:28 am
by mrvijayakumar
can u tell me clear? i will try to give some alter solution.

Re: URL Vulnerabilities

Posted: Fri Aug 28, 2009 8:11 am
by jackpf
If you use basename() then the current directory can only be used.