Path disclousure in MEGA PORTAL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Path disclousure in MEGA PORTAL
From: bolok.boloke80@xxxxxxxxx
Date: Mon, 2 May 2011 08:35:18 -0600

Product: MEGA PORTAL
Vendor: http://www.got.my
Demo: http://www.got.my/MEGA-PORTAL/
Vulnerability Type: Path disclosure
Risk level: medium
Credit: Hector.x90

Vulnerability Details:
A remote user can determine the full path to the web root directory and other potentially sensitive information.
The following PoC is available:

http://[host]/themes/default/slideshow.php

Prev by Date: [USN-1129-1] Perl vulnerabilities
Next by Date: XSS in CLASSIFIED ADS
Previous by thread: [USN-1129-1] Perl vulnerabilities
Next by thread: XSS in CLASSIFIED ADS
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux