BugTraq
Back to list
|
Post reply
DotClear : Multiples Full Path Disclosure
Jul 22 2006 04:16AM
Silitix gmail com
# DotClear : Multiples Full Path Disclosure
# Discovred By Silitix - Silitix_gmail_com
# www.Silitix.com
A remote user can access the files directly to cause the system to display
an error message that indicates the full path of the server.
/ecrire/tools/blogroll/edit_cat.php
/ecrire/tools/blogroll/index.php
/ecrire/tools/blogroll/edit_link.php
/ecrire/tools/syslog/index.php
/ecrire/tools/thememng/index.php
/ecrire/tools/toolsmng/index.php
/ecrire/tools/utf8convert/index.php
/ecrire/inc/connexion.php
/inc/session.php
/inc/classes/class.blog.php
/inc/classes/class.blogcomment.php
/inc/classes/class.blogpost.php
/layout/append.php
/layout/class.xblog.php
/layout/class.xblogcomment.php
/layout/class.xblogpost.php
/themes/default/form.php
/themes/default/list.php
/themes/default/post.php
/themes/default/template.php
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
# Discovred By Silitix - Silitix_gmail_com
# www.Silitix.com
A remote user can access the files directly to cause the system to display
an error message that indicates the full path of the server.
/ecrire/tools/blogroll/edit_cat.php
/ecrire/tools/blogroll/index.php
/ecrire/tools/blogroll/edit_link.php
/ecrire/tools/syslog/index.php
/ecrire/tools/thememng/index.php
/ecrire/tools/toolsmng/index.php
/ecrire/tools/utf8convert/index.php
/ecrire/inc/connexion.php
/inc/session.php
/inc/classes/class.blog.php
/inc/classes/class.blogcomment.php
/inc/classes/class.blogpost.php
/layout/append.php
/layout/class.xblog.php
/layout/class.xblogcomment.php
/layout/class.xblogpost.php
/themes/default/form.php
/themes/default/list.php
/themes/default/post.php
/themes/default/template.php
[ reply ]