• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Eupla Foros Config.INC Information Disclosure Vulnerability

Foros is prone to an information-disclosure vulnerability. This issue occurs because access controls on configuration files are not properly set.

An attacker can exploit this issue to retrieve potentially sensitive information. This may aid in further attacks.

Note that this vulnerability occurs only when the '.inc' file extension is not declared as a PHP suffix.