BugTraq
Re: DotClear Full Path Disclosure Vulnerability Feb 13 2007 05:47AM
Cedric Blancher (blancher cartel-securite fr) (1 replies)
Re: DotClear Full Path Disclosure Vulnerability Feb 13 2007 07:34AM
Raphaël HUCK (raphael huck free fr) (1 replies)
Re: DotClear Full Path Disclosure Vulnerability Feb 13 2007 09:10AM
Cedric Blancher (blancher cartel-securite fr) (1 replies)
Re: DotClear Full Path Disclosure Vulnerability Feb 13 2007 06:57PM
Gmail account (god ate my homework gmail com) (2 replies)
Well the ideal situation for incuding files is when your root is not
yout webroot.
But if you dont have this you can make a workaround by placing every php
file that is not directy called (but included) into a folder and place
in it an .htaccess file with a deny from all command so it would not be
accesible from anyone through a browser.

[ reply ]
Re: DotClear Full Path Disclosure Vulnerability Feb 14 2007 09:06AM
Cedric Blancher (blancher cartel-securite fr)
Re: DotClear Full Path Disclosure Vulnerability Feb 13 2007 09:39PM
Raphaël HUCK (raphael huck free fr)


 

Privacy Statement
Copyright 2010, SecurityFocus