BugTraq
Powerschool 404 Admin Exposure Feb 19 2007 05:06AM
gheetotank hotmail com
Powerschool 4.3.6 and possibly other versions expose the admin interface when requesting any file with .js

This allows one to see some directory and file names inside the admin folder.

POC:

http://[powerschoolip]/admin/.js

Product's website does not provide email contact?

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus