DoSePa Information Disclosure Vulnerability

DoSePa is prone to an information-disclosure vulnerability because it fails to properly sanitize user-supplied parameters.

An attacker can exploit this issue to retrieve arbitrary files with the privileges of the hosting webserver application. Information harvested during successful exploits will aid in further attacks.

DoSePa 1.0.4 is vulnerable to this issue; other versions may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus