Описание
MAXdev MDPro 1.0.73 and 1.0.72, and possibly other versions before 1.076, allows remote attackers to obtain the full path of the server via a direct request to includes/legacy.php.
MAXdev MDPro 1.0.73 and 1.0.72, and possibly other versions before 1.076, allows remote attackers to obtain the full path of the server via a direct request to includes/legacy.php.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-1677
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25714
- http://secunia.com/advisories/19578
- http://www.maxdev.com/Article592.phtml
- http://www.securityfocus.com/archive/1/430370/100/0/threaded
- http://www.securityfocus.com/archive/1/437831/100/100/threaded
- http://www.vupen.com/english/advisories/2006/1282
Связанные уязвимости
nvd
почти 20 лет назад
MAXdev MDPro 1.0.73 and 1.0.72, and possibly other versions before 1.076, allows remote attackers to obtain the full path of the server via a direct request to includes/legacy.php.