XLineSoft PHPRunner PHPRunner.INI Local Information Disclosure Vulnerability
BID:21054
Info
XLineSoft PHPRunner PHPRunner.INI Local Information Disclosure Vulnerability
| Bugtraq ID: | 21054 |
| Class: | Design Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Nov 14 2006 12:00AM |
| Updated: | Nov 15 2006 11:46PM |
| Credit: | Lostmon <[email protected]> is credited with the discovery of this vulnerability. |
| Vulnerable: |
XLineSoft PHPRunner 3.1 |
| Not Vulnerable: | |
Discussion
XLineSoft PHPRunner PHPRunner.INI Local Information Disclosure Vulnerability
XLineSoft PHPRunner is prone to an information-disclosure vulnerability due to a design error.
Attackers could exploit this issue to access sensitive information that could aid in further attacks against the affected computer and related databases.
Version 3.1 is vulnerable; other version may be affected.
XLineSoft PHPRunner is prone to an information-disclosure vulnerability due to a design error.
Attackers could exploit this issue to access sensitive information that could aid in further attacks against the affected computer and related databases.
Version 3.1 is vulnerable; other version may be affected.
Exploit / POC
XLineSoft PHPRunner PHPRunner.INI Local Information Disclosure Vulnerability
An attacker can exploit this issue by gaining local interactive access to a computer running the affected application and reading the 'PHPRunner.ini' file.
An attacker can exploit this issue by gaining local interactive access to a computer running the affected application and reading the 'PHPRunner.ini' file.
Solution / Fix
XLineSoft PHPRunner PHPRunner.INI Local Information Disclosure Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:[email protected].
References
XLineSoft PHPRunner PHPRunner.INI Local Information Disclosure Vulnerability
References:
References:
- PHPRunner Homepage (XLineSoft)