PHP FirstPost Path Disclosure Vulnerability

PHP FirstPost is a PHP weblog program which contains an open submission queue and comment rating system.

It has been reported that PHP FirstPost discloses path information. A request for a non-existent page, could result in an error page containing the absolute path to the web root on the host running the vulnerable software.

This information may aid in further attacks against the host running the vulnerable software.


 

Privacy Statement
Copyright 2010, SecurityFocus