11 lines
494 B
Text
Executable file
11 lines
494 B
Text
Executable file
source: http://www.securityfocus.com/bid/25617/info
|
|
|
|
|
|
Sisfo Kampus is prone to an arbitrary-file-download vulnerability because the application fails to sufficiently sanitize user-supplied input.
|
|
|
|
An attacker can exploit this issue to download arbitrary files within the context of the webserver process. Information obtained may aid in further attacks.
|
|
|
|
This issue affects SisfoKampus 2006; other versions may also be vulnerable.
|
|
|
|
http://www.example.com/dwoprn.php?f=connectdb.php
|
|
|