http://parse.com directory traversal vulnerability Little Insight: http://parse.com was vulnerable to a directory traversal / RCE vulnerability. As a result, it was possible for an attacker to load web server-readable files from the local filesystem. or Run commend on That Well this is my 4th reward form facebook Directory Traversal or RCE Vulnerability That give me 5th position in Facebook white-hat Page Report Date :23 July 2014 Reward For Directory Traversal or RCE Vulnerability : 20000$ How This work......? As we discussed earlier on my old post Flowdock Directory Traversal Vulnerability exposed files outside of Rails’ view paths. '%5C' turns into '\' after decoding. Using Rack::Protection it only rejects '/../' segments in the request path. patch apply for Rack::Protection acording CVE-2014-0130 and also Reject now '%5C' turns into '\' after decoding now my work .
hacking stuff , latest hacking updates , hacking tools ,