| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20060722041624.15143.qmail@securityfocus.com> Date: 22 Jul 2006 04:16:24 -0000 From: Silitix@...il.com To: bugtraq@...urityfocus.com Subject: DotClear : Multiples Full Path Disclosure # DotClear : Multiples Full Path Disclosure # Discovred By Silitix - Silitix_gmail_com # www.Silitix.com A remote user can access the files directly to cause the system to display an error message that indicates the full path of the server. /ecrire/tools/blogroll/edit_cat.php /ecrire/tools/blogroll/index.php /ecrire/tools/blogroll/edit_link.php /ecrire/tools/syslog/index.php /ecrire/tools/thememng/index.php /ecrire/tools/toolsmng/index.php /ecrire/tools/utf8convert/index.php /ecrire/inc/connexion.php /inc/session.php /inc/classes/class.blog.php /inc/classes/class.blogcomment.php /inc/classes/class.blogpost.php /layout/append.php /layout/class.xblog.php /layout/class.xblogcomment.php /layout/class.xblogpost.php /themes/default/form.php /themes/default/list.php /themes/default/post.php /themes/default/template.php
Powered by blists - more mailing lists