ScozBook 1.1 - Full Path Disclosure

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1107261 漏洞类型
发布时间 2003-03-29 更新时间 2003-03-29
CVE编号 CVE-2003-1555 CNNVD-ID N/A
漏洞平台 PHP CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/22445
|漏洞详情
This vulnerability has been modified since it was last analyzed by the NVD. It is awaiting reanalysis which may result in further changes to the information provided.
|漏洞EXP
source: http://www.securityfocus.com/bid/7236/info

A path disclosure vulnerability has been reported for ScozBook. The issue occurs when a request is made to the view.php script page.

Access to sensitive filesystem information may aid an attacker in launching further attacks against a target system. 

http://hostname/scozbook/view.php?PG=test
|参考资料
resource:
hyperlink:http://securityreason.com/securityalert/3781
resource:Exploit
hyperlink:http://www.securityfocus.com/archive/1/archive/1/316747/30/25280/threaded
resource:Exploit
hyperlink:http://www.securityfocus.com/bid/7236
resource:
hyperlink:http://www.securitytracker.com/id?1006413
resource:
hyperlink:https://exchange.xforce.ibmcloud.com/vulnerabilities/11659