Exploit Database - Logo

Siteframe CMS 2.2.4 - 'download.php' Information Disclosure

EDB-ID: 22386 Author: Ertan Kurt Published: 2003-03-19
CVE: N/A Type: Webapps Platform: PHP
Aliases: N/A Advisory/Source: Link Tags: Vulnerability
E-DB Verified: Verified Exploit: Download Exploit Code Download / View Raw Vulnerable App: N/A
« Previous Exploit Next Exploit » 
source: http://www.securityfocus.com/bid/7143/info

Siteframe has been reported vulnerable to an information disclosure vulnerability.

When handling certain download requests Siteframe may be lead into an error condition. When these errors occur, the script will output some path information. 

Information obtained in this manner may be used by an attacker to launch further attacks against a vulnerable system.

http://www.example.com/download.php?id=2%

Related Exploits

Trying to match OSVDBs (1): 54766
Other Possible E-DB Search Terms: Siteframe CMS 2.2.4,  Siteframe CMS
Date D V Title Author
2010-12-29Download Exploit Code Verified Siteframe CMS 3.2.3 - 'user.php' SQL InjectionAnGrY BoY
2008-07-18Download Exploit Code Verified Siteframe CMS 3.2.3 - 'folder.php' SQL Injectionn0ne
2009-07-09Download Exploit Code Verified Siteframe CMS 3.2.x - SQL Injection / phpinfo()NoGe
Menu