9 lines
No EOL
481 B
Text
9 lines
No EOL
481 B
Text
source: http://www.securityfocus.com/bid/44578/info
|
|
|
|
SmartOptimizer is prone to a remote information-disclosure vulnerability because it fails to properly sanitize user-supplied input.
|
|
|
|
An attacker can exploit this vulnerability to view the source code of files in the context of the server process; this may aid in further attacks.
|
|
|
|
SmartOptimizer 1.7 is vulnerable; prior versions may also be affected.
|
|
|
|
http://www.example.com/smartoptimizer/index.php?../index.php%00.js |