Simplog Information Disclosure Vulnerability
BID:16965
Info
Simplog Information Disclosure Vulnerability
| Bugtraq ID: | 16965 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 04 2006 12:00AM |
| Updated: | Mar 09 2006 02:55AM |
| Credit: | Retard and jim <[email protected]> are credited with the discovery of this vulnerability. |
| Vulnerable: |
Simplog Simplog 1.0.2 |
| Not Vulnerable: | |
Discussion
Simplog Information Disclosure Vulnerability
Simplog is prone to an information-disclosure vulnerability. The application fails to properly sanitize user-supplied input.
Attackers may exploit this issue to gain access to potentially sensitive information, aiding them in further attacks.
Simplog version 1.0.2 is vulnerable to these issues; other versions may also be affected.
Simplog is prone to an information-disclosure vulnerability. The application fails to properly sanitize user-supplied input.
Attackers may exploit this issue to gain access to potentially sensitive information, aiding them in further attacks.
Simplog version 1.0.2 is vulnerable to these issues; other versions may also be affected.
Exploit / POC
Simplog Information Disclosure Vulnerability
An exploit is not required.
Example URIs were provided:
http://www.example.com/index.php?act=blog&blogid=../somefile
http://www.example.com/index.php?act=../somefile
An exploit is not required.
Example URIs were provided:
http://www.example.com/index.php?act=blog&blogid=../somefile
http://www.example.com/index.php?act=../somefile
Solution / Fix
Simplog Information Disclosure Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected]
References
Simplog Information Disclosure Vulnerability
References:
References: