Andy's PHP Projects Man Page Lookup Script - Information Disclosure

EDB-ID:

23536




Platform:

PHP

Date:

2004-01-10


source: https://www.securityfocus.com/bid/9395/info

A problem in the handling of user-supplied input by Andy's PHP Projects Man Page Lookup script has been reported. Because of this, it is possible for an attacker to gain unauthorized access to sensitive information on a system.

http://www.example.com/manpage/index.php?command=/etc/resolv.conf