Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:26305
HistoryMay 05, 2011 - 12:00 a.m.

Path disclousure in MEGA PORTAL

2011-05-0500:00:00
vulners.com
24

Product: MEGA PORTAL
Vendor: http://www.got.my
Demo: http://www.got.my/MEGA-PORTAL/
Vulnerability Type: Path disclosure
Risk level: medium
Credit: Hector.x90

Vulnerability Details:
A remote user can determine the full path to the web root directory and other potentially
sensitive information.
The following PoC is available:

http://[host]/themes/default/slideshow.php