source: http://www.securityfocus.com/bid/11134/info Regulus is reported prone to an information disclosure vulnerability. It is reported that it is possible to view a target users connection statistics without requiring valid credentials. An attacker may employ data that is obtained in this manner to aid in further attacks launched against the vulnerable software. This vulnerability is reported to affect all versions of SAFE TEAM Regulus. http://example.com/base-dir/htmlcust/custchoice.php?lang=English&userid=<name>&action=To see your connections logs Where '<name>' is the target username.
Related ExploitsOther Possible E-DB Search Terms: SAFE TEAM Regulus 2.2, SAFE TEAM Regulus
|2004-09-07||24581||SAFE TEAM Regulus 2.2 - Staffile Information Disclosure||masud_libra|
|2004-09-07||24582||SAFE TEAM Regulus 2.2 - Custchoice.php Update Your Password Action Information Disclosure||masud_libra|