|
|
|
|
|
|
by dylangs1030
4390 days ago
|
|
|
Looks like they fixed that fast after your comment. [domain]/../../../../../../../../etc/passwd is still possible though, which then makes getwifi.io/etc/passwd. Really, they should obfuscate the user-submitted URL entirely instead of blacklisting or whitelisting. |
|
|