Описание
RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open proxy, or read arbitrary local files, by setting the url parameter to a (1) http://, (2) ftp://, or (3) file:// URL.
RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open proxy, or read arbitrary local files, by setting the url parameter to a (1) http://, (2) ftp://, or (3) file:// URL.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-2061
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16817
- http://marc.info/?l=bugtraq&m=109095196526490&w=2
- http://secunia.com/advisories/12173
- http://securitytracker.com/id?1010788
- http://www.osvdb.org/8265
- http://www.osvdb.org/8266
- http://www.securityfocus.com/bid/10812
Связанные уязвимости
CVSS3: 9.8
nvd
больше 21 года назад
RiSearch 1.0.01 and RiSearch Pro 3.2.06 allows remote attackers to use the show.pl script as an open proxy, or read arbitrary local files, by setting the url parameter to a (1) http://, (2) ftp://, or (3) file:// URL.