Описание
Limbo CMS 1.0.4.2 and earlier allows remote attackers to obtain the installation path of the application via a direct request to (1) doc.inc.php, (2) element.inc.php, and (3) node.inc.php, which leaks the path in an error message.
Limbo CMS 1.0.4.2 and earlier allows remote attackers to obtain the installation path of the application via a direct request to (1) doc.inc.php, (2) element.inc.php, and (3) node.inc.php, which leaks the path in an error message.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-4320
- http://rgod.altervista.org/limbo1042_xpl.html
- http://secunia.com/advisories/18063
- http://securitytracker.com/id?1015364
- http://www.osvdb.org/21757
- http://www.osvdb.org/21758
- http://www.osvdb.org/21759
- http://www.securityfocus.com/archive/1/419470/100/0/threaded
- http://www.vupen.com/english/advisories/2005/2932
Связанные уязвимости
nvd
около 20 лет назад
Limbo CMS 1.0.4.2 and earlier allows remote attackers to obtain the installation path of the application via a direct request to (1) doc.inc.php, (2) element.inc.php, and (3) node.inc.php, which leaks the path in an error message.