1 |
On 2022-02-28 04:35, John Covici wrote: |
2 |
> A total of 4 possible successful probes were detected (the following |
3 |
> URLs |
4 |
> contain strings that match one or more of a listing of strings that |
5 |
> indicate a possible exploit): |
6 |
> |
7 |
> /?f=../../../../../../../../../etc/passwd HTTP Response 200 |
8 |
> /?file=../../../../../../../../../etc/passwd HTTP Response 200 |
9 |
> /?filename=../../../../../../../../../etc/passwd HTTP |
10 |
> Response 200 |
11 |
> /?id=../../../../../../../../../etc/passwd HTTP Response |
12 |
> 200 |
13 |
|
14 |
It's a path traversal attack: |
15 |
https://owasp.org/www-community/attacks/Path_Traversal |