Re: Dir Structure Print out

by chip (Curate)
on Nov 14, 2001

in reply to Dir Structure Print out

Serious security errors:
  • Using form input in a pathname without sanitizing it; specifically:
  • Allowing sneaky examination of the system by user input of paths starting with lots of dotdot entries.

    -- Chip Salzenberg, Free-Floating Agent of Chaos

