Exploit PHP-Gastebuch 1.60 - Information Disclosure

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
22953
Проверка EDB
  1. Пройдено
Автор
JIM PANGALOS
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
N/A
Дата публикации
2003-07-24
Код:
source: https://www.securityfocus.com/bid/8270/info

PHP-Gastebuch has been reported prone to multiple information disclosure vulnerabilities. The issue presents itself because the affected software fails to sufficiently control access to sensitive files contained in the PHP-Gastebuch installation.

It has been reported that an attacker may make a request for several sensitive PHP-Gastebuch files, and in doing so reveal potentially sensitive information including administrative MD5 password hashes.

Information collected in this way may be used to mount further attacks against the affected system.

http://www.example.com/guestbook/guestbookdat 
http://www.example.com/guestbook/pwd
 
Источник
www.exploit-db.com

Похожие темы