Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Vulnerability: Bitrix Web Server Paths

From: D_BuG <d_bug () bk ru>
Date: Wed, 15 Jun 2005 17:58:05 +0400
Vendor: Bitrix
Product:Bitrix Site Manager 4.0.x

Consequences: Web server paths
Risk: Minimal

Description: during executions of
http://host/bitrix/templates/.default/subscribe/subscr_form.php
http://host /bitrix/php_interface/dbquery_error.php
there got an erros which is causing web server internal path information availability

Google search: inurl: /bitrix/ 

Discoveried By D_BuG d_bug () bk ru
NemesisSecurityTeam
http://nemesisoftware.com/

CheckZond free v. 1.0 http://nemesisoftware.com/products.htm
uses the vulnerabilities above for automatic vulnerabilities search (Google Hacking technique) and usage.

-- 
Best regards,
 D_BuG                          mailto:d_bug () bk ru
Previous By Date Next
Previous By Thread Next

Current thread: