9 lines
No EOL
586 B
Text
9 lines
No EOL
586 B
Text
source: http://www.securityfocus.com/bid/15404/info
|
|
|
|
Help Center Live is prone to a local file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.
|
|
|
|
An attacker may leverage this issue to disclose sensitive information. This may help with further attacks on the affected computer.
|
|
|
|
It should be noted that this issue may also be leveraged to read arbitrary files on an affected computer with the privileges of the Web server.
|
|
|
|
http://www.example.com/support/module.php?module=osTicket&file=/../../../../../etc/passwd |