MyABraCaDaWeb 1.0 - Full Path Disclosure
| EKU-ID: 27861 | CVE: CVE-2003-1548;OSVDB-54590 | OSVDB-ID: |
| Author: gregory Le Bras | Published: 2003-03-17 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 27861 | CVE: CVE-2003-1548;OSVDB-54590 | OSVDB-ID: |
| Author: gregory Le Bras | Published: 2003-03-17 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/7126/info MyABraCaDaWeb is reported to disclose path information in error messages when handling some invalid requests. This information could be useful in further attacks against a system hosting the software. http://www.example.com/index.php?IDAdmin=test http://www.example.com/index.php?base=test http://www.example.com/index.php?tampon=test http://www.example.com/index.php?SqlQuery=test