Software602 602Pro LAN Suite Web Mail Installation Path Disclosure Vulnerability

It has been reported that 602Pro LAN SUITE is prone to a remote installation path disclosure vulnerability. This issue is due to the existence of a hidden parameter embedded within the 'login' form that specifies the installation path.

Successful exploitation of this issue may allow an attacker to gain sensitive information about the file system that may aid in launching more direct attacks against the system.


 

Privacy Statement
Copyright 2010, SecurityFocus