PHP-Gastebuch 1.60 – Information Disclosure

PHP-Gastebuch 1.60 – Information Disclosure

漏洞ID 1054054 漏洞类型
发布时间 2003-07-24 更新时间 2003-07-24
图片[1]-PHP-Gastebuch 1.60 – Information Disclosure-安全小百科CVE编号 N/A
图片[2]-PHP-Gastebuch 1.60 – Information Disclosure-安全小百科CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/22953
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/8270/info

PHP-Gastebuch has been reported prone to multiple information disclosure vulnerabilities. The issue presents itself because the affected software fails to sufficiently control access to sensitive files contained in the PHP-Gastebuch installation.

It has been reported that an attacker may make a request for several sensitive PHP-Gastebuch files, and in doing so reveal potentially sensitive information including administrative MD5 password hashes.

Information collected in this way may be used to mount further attacks against the affected system.

http://www.example.com/guestbook/guestbookdat 
http://www.example.com/guestbook/pwd

相关推荐: Mike Spice My Classifieds Input Validation Vulnerability

Mike Spice My Classifieds Input Validation Vulnerability 漏洞ID 1102598 漏洞类型 Input Validation Error 发布时间 2002-01-09 更新时间 2002-01-09 …

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享