ServletExec Arbitrary File Reading
Sat, 05/09/2009 - 17:11 — victor
Name:
Agora CGI Path Disclosure
Filename:
specialcgi254.db
SPID:
2344
Impact:
It is possible on the remote system via the file /cgi-bin/store/agora.cgi to disclosure sensitive path information. An attacker can use this to do more specified attacks.
Solution:
Please upgrade to the latest version of this software from http://www.agoracgi.com
Risk:
Low
Privacy Statement | Link Policy | User Policy | SecPoint® Blog | SecPoint® Forum
SecPoint® Pictures | SecPoint® Event Pictures | SecPoint® Exploit Archive | SecPoint® Web Shop | SecPoint® Library
SecPoint® Video | SecPoint® Sitemap
© Copyright 1999-2008: SecPoint®
SecPoint ApS - Lergravsvej 53 - 2300 Copenhagen S - Phone +45 70 235 245
| Recent awards | Compatible with | Visit us on Facebook! | Visit us on LinkedIn! | Visit us on Myspace! | |||||
 |
 |
 |
 |
 |
 Group! |
 |
 follow us on Twitter!  |
||