9 lines
No EOL
420 B
Text
9 lines
No EOL
420 B
Text
source: https://www.securityfocus.com/bid/12402/info
|
|
|
|
A remote information disclosure issue affects CitrusDB. This issue is due to a design problem that grants unauthorized users the ability to export sensitive data.
|
|
|
|
An attacker may leverage this issue to gain access to sensitive information including credit card data.
|
|
|
|
[path to CitrusDB]/io/newfile.txt
|
|
|
|
where [path to CitrusDB] is the path relative to the web root. |