- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 29615
- Проверка EDB
-
- Пройдено
- Автор
- GHEETOTANK
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-1044
- Дата публикации
- 2007-02-19
Powerschool 4.3.6/5.1.2 - JavaScript File Request Information Disclosure
Код:
source: https://www.securityfocus.com/bid/22611/info
Powerschool is prone to an information-disclosure vulnerability because the application discloses information about administrative session variables.
An attacker can exploit these issue to obtain sensitive information that may aid in other attacks.
This issue affects Powerschool 4.3.6; other versions may also be affected.
UPDATE: Powerschool 5.1.2 is also reportedly affected by this issue, in a limited fashion.
http://www.example.com/admin/.js- Источник
- www.exploit-db.com
