Path Traversal (CWE-22) leak sensitive data in ikus060/rdiffweb
Oct 1st 2022
Path Traversal successful exploitation could allow an attacker to traverse the file system to access files or directories that are outside of the restricted directory on the remote server.
Proof of Concept
Note: If you can not see the poc image , you can follow this link https://imgur.com/a/1svTNB4
Arbitrary file read. This could leak sensitive system files or any file present on the system.