Ciamos 0.9.2 - 'Highlight.php' File Disclosure

EDB-ID:

25242

CVE:

N/A

EDB Verified:

Author:

Majid NT

Type:

webapps

Exploit:   /  

Platform:

PHP

Date:

2005-03-19

Vulnerable App: 
source: https://www.securityfocus.com/bid/12854/info

Ciamos is reported prone to a file disclosure vulnerability. The full scope of this vulnerability is not currently known, however, it is demonstrated that this issue may be leveraged to disclose the source of PHP files contained in a Ciamos installation.

A remote attacker may exploit this vulnerability to reveal files that contain potentially sensitive information. Information that is harvested in this manner may then be used to aid in further attacks against the software and the computer that is hosting the software.

http://www.example.com/ciamosinstalation/class/debug/highlight.php?file=ciamosinstallationpath\mainfile.php&line=151#151
Tags:
Advisory/Source: Link
Databases Links Sites Solutions
Exploits Search Exploit-DB OffSec Courses and Certifications
Google Hacking Submit Entry Kali Linux Learn Subscriptions
Papers SearchSploit Manual VulnHub OffSec Cyber Range
Shellcodes Exploit Statistics Proving Grounds
Penetration Testing Services
Exploits Google Hacking Papers Shellcodes
Search Exploit-DB Submit Entry SearchSploit Manual Exploit Statistics
OffSec Kali Linux VulnHub
Courses and Certifications Learn Subscriptions OffSec Cyber Range Proving Grounds Penetration Testing Services