10 lines
No EOL
378 B
Text
10 lines
No EOL
378 B
Text
source: http://www.securityfocus.com/bid/36171/info
|
|
|
|
PHP-Fusion is prone to multiple information-disclosure vulnerabilities.
|
|
|
|
Attackers can exploit these issues to harvest sensitive information that may lead to further attacks.
|
|
|
|
The following example URIs are available:
|
|
|
|
http://www.example.com/members.php?sortby[]=A
|
|
http://www.example.com/messages.php?folder[]=inbox |