Black Tie Project Path Disclosure Vulnerability

Black Tie Porject (BTP) is PHP based portal system. It is designed to be modular in nature, and allows users to easily create and customize additional modules. BTP is a French language project.

It has been reported that BTP discloses path information. A request for a non-existent page, could result in an error page containing the absolute path to the web root on the host running the vulnerable software.

This information may aid in further attacks against the host running the vulnerable software.


 

Privacy Statement
Copyright 2010, SecurityFocus