Guestbook 4.0 – Sensitive Information Disclosure

15次阅读
没有评论

Guestbook 4.0 – Sensitive Information Disclosure

漏洞ID 1053820 漏洞类型
发布时间 2003-04-10 更新时间 2003-04-10
Guestbook 4.0 - Sensitive Information DisclosureCVE编号 N/A
Guestbook 4.0 - Sensitive Information DisclosureCNNVD-ID N/A
漏洞平台 CGI CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/22482
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/7320/info

Guestbook has been reported prone to a sensitive information disclosure weakness.

An attacker may disclose sensitive information regarding the Super Guestbook install by sending a HTTP request for the Guest Book passwd file. Administration credentials are displayed in the attacker's browser. 

http://www.example.com/cgi-bin/guestbook/passwd

相关推荐: Sun JSSE/Java Plug-In/Java Web Start Incorrect Certificate Validation Vulnerability

Sun JSSE/Java Plug-In/Java Web Start Incorrect Certificate Validation Vulnerability 漏洞ID 1100932 漏洞类型 Design Error 发布时间 2003-01-23…

正文完
 0