- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 19903
- Проверка EDB
-
- Пройдено
- Автор
- BLACK WATCH LABS
- Тип уязвимости
- REMOTE
- Платформа
- MULTIPLE
- CVE
- cve-2000-0381
- Дата публикации
- 2000-05-05
Gossamer Threads DBMan 2.0.4 - DBMan Information Leakage
Код:
source: https://www.securityfocus.com/bid/1178/info
Requesting an invalid database file from a web server implementing Gossamer Threads DBMan scripts will return a CGI error message containing environmental variables to a remote user without any authorization. The parameters displayed include the local document root path, server administrator account name, web server software, platform, etc.
http://target/scripts/dbman/db.cgi?db=invalid-db- Источник
- www.exploit-db.com
