Paliz CMS Full Path Disclosure Vulnerability

From: advisories@highsecure.ir
To: bugtraq@securityfocus.com
Cc:
Subject: Paliz CMS Full Path Disclosure Vulnerability
Date:


##################################################################################
# Title: Paliz CMS Full Path Disclosure Vulnerability
# Vulnerable Version: all versions
# Vendor URL: http://palizct.com
# Impact: Low
##################################################################################

===========================
Vulnerability Description:
===========================
Full Path Disclosure Vulnerability, enable the attacker to see the root path.

==================
Proof Of Concept:
==================

http://[target]/portal/DeskTopModules/Currency/CurrencyAll.aspx?mID=[]

=========
Credits:
=========

HighSecure.ir
Contact: advisories[aT]highsecure[dOt]ir

============
References:
============

http://www.highsecure.ir/research/20120822-paliz.txt

##################################################################################





Copyright © 1995-2019 LinuxRocket.net. All rights reserved.